Fortinet FortiOS Redirect Parameter Multiple Vulnerabilities

medium Nessus Plugin ID 90314

Synopsis

The remote host is affected by multiple vulnerabilities.

Description

The remote host is running a version of Fortinet FortiOS that is affected by the following vulnerabilities :

- An open redirect vulnerability exists due to improper validation of user-supplied input before using it in redirects. An attacker can exploit this, via a specially crafted link, to redirect a victim to an arbitrary malicious website.

- A cross-site scripting (XSS) vulnerability exists due to improper validation of user-supplied input to the parameter used to govern redirects. An attacker can exploit this, via a specially crafted request, to execute arbitrary script code in a user's browser session.

Solution

Upgrade to Fortinet FortiOS version 5.0.13 / 5.2.3 / 5.4.0 or later.

See Also

https://seclists.org/fulldisclosure/2016/Mar/68

Plugin Details

Severity: Medium

ID: 90314

File Name: fortios_login_xss.nasl

Version: 1.12

Type: local

Family: Firewalls

Published: 4/1/2016

Updated: 10/17/2022

Supported Sensors: Nessus

Risk Information

CVSS Score Rationale: Score based on analysis of the vendor advisory.

CVSS v2

Risk Factor: Medium

Base Score: 4.3

Temporal Score: 3.2

Vector: CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N

CVSS Score Source: manual

Vulnerability Information

CPE: cpe:/o:fortinet:fortios

Required KB Items: Host/Fortigate/model, Host/Fortigate/version

Excluded KB Items: Settings/disable_cgi_scanning

Patch Publication Date: 3/16/2016

Vulnerability Publication Date: 3/16/2016

Reference Information

BID: 84429