January 28, 2025
Severity
Medium
Analysis Summary
CVE-2013-1414 CVSS:4.3
Fortinet FortiGate is vulnerable to cross-site request forgery, caused by improper validation of user-supplied input by the shutdown page. By persuading an authenticated user to visit a malicious Web site, a remote attacker could send a malformed HTTP request to perform unauthorized actions. An attacker could exploit this vulnerability to perform cross-site scripting attacks, Web cache poisoning, and other malicious activities.
CVE-2012-4948 CVSS:4.3
Fortinet FortiGate UTM appliances could allow a remote attacker to bypass security restrictions, caused by the sharing of the same self-signed FortiGate CA certificate across appliances. By persuading a victim to visit a Web site containing a specially-crafted certificate, a remote attacker could exploit this vulnerability using man-in-the-middle techniques to gain unauthorized access to the system and eavesdrop on encrypted communications.
CVE-2008-7161 CVSS:7.5
Fortinet FortiGate could allow a remote attacker to bypass security restrictions. An attacker could send a specially-crafted GET or POST request to bypass the URL blocking feature and gain access to prohibited Web sites.
CVE-2014-2216 CVSS:5
Fortinet FortiGate is vulnerable to a denial of service, caused by an error in the protocol service. By sending a specially-crafted request, an attacker could exploit this vulnerability to cause a denial of service and possibly execute arbitrary code on the system.
CVE-2012-6347 CVSS:6.1
FortiGate FortiDB is vulnerable to multiple cross-site scripting vulnerabilities, caused by improper validation of user-supplied input by multiple scripts. A remote attacker could exploit this vulnerability using 'conversationContext' to inject malicious script into a Web page which would be executed in a victim's Web browser within the security context of the hosting Web site, once the page is viewed. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials.
CVE-2015-3626 CVSS:6.1
Fortinet FortiGate/FortiOS is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the DHCP Monitor WebUI. A remote attacker could exploit this vulnerability using the hostname field to inject malicious script into a Web page which would be executed in a victim's Web browser within the security context of the hosting Web site, once the page is viewed. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials.
Impact
- Denial of Service
- Cross-site Scripting
- Security Bypass
Indicators of Compromise
CVE
CVE-2013-1414
CVE-2012-4948
CVE-2008-7161
CVE-2014-2216
CVE-2012-6347
CVE-2015-3626
Affected Vendors
- Fortinet
Affected Products
- Fortinet FortiGate/FortiOS 5.2.3
- FortiGate FortiDB 4 prior to 4.4.2
- Fortinet FortiOS 4.3.15
- Fortinet FortiOS 5.0.7
- Fortinet FortiOS 5.0
- Fortinet FortiGate-1000 3.00
- Fortinet FortiGate 3950
- Fortinet FortiGate 5000
- Fortinet FortiGate 620B
- Fortinet FortiGate 800
- Fortinet FortiGate 5.0.1
- Fortinet FortiGate 4.3.12
Remediation
Refer to the Fortinet Security Advisory for patch, upgrade, or suggested workaround information.