
FortiWeb 4.x / 5.x < 5.0.3 Multiple Vulnerabilities

Medium

Synopsis

The remote host is affected by multiple vulnerabilities.

Description

The remote host is running FortiWeb 4.x / 5.x prior to 5.0.3. It is, therefore, affected by multiple vulnerabilities:

- FortiWeb is affected by a cross-site scripting vulnerability due to a failure to sanitize user-supplied input. (CVE-2014-1955)
- FortiWeb is affected by an unspecified HTTP header injection vulnerability. (CVE-2014-1956)
- FortiWeb is affected by an unspecified privilege escalation vulnerability. (CVE-2014-1957)

Solution

Upgrade to 5.0.3 or later.