ID

VAR-201607-0016


CVE

CVE-2016-4066


TITLE

Fortinet FortiWeb Vulnerable to cross-site request forgery

Trust: 0.8

sources: JVNDB: JVNDB-2016-003760

DESCRIPTION

Cross-site request forgery (CSRF) vulnerability in Fortinet FortiWeb before 5.5.3 allows remote attackers to hijack the authentication of administrators for requests that change the password via unspecified vectors. Fortinet FortiWeb is prone to a cross-site request forgery vulnerability because it does not properly validate HTTP requests. Exploiting this issue may allow a remote attacker to perform certain unauthorized actions. This may lead to further attacks. Versions of Fortinet FortiWeb prior to 5.5.3 are vulnerable. Fortinet FortiWeb is a web application layer firewall developed by Fortinet, which can block threats such as cross-site scripting, SQL injection, cookie poisoning, schema poisoning, etc., to ensure the security of web applications and protect sensitive database content.

Trust: 1.98

sources: NVD: CVE-2016-4066 // JVNDB: JVNDB-2016-003760 // BID: 91768 // VULHUB: VHN-92885

AFFECTED PRODUCTS

vendor: fortinet, model: fortiweb, scope: lte, version: 5.5.2

Trust: 1.0

vendor: fortinet, model: fortiweb, scope: lt, version: 5.5.3

Trust: 0.8

vendor: fortinet, model: fortiweb, scope: eq, version: 5.5.2

Trust: 0.6

vendor: fortinet, model: fortiweb, scope: eq, version: 5.1

Trust: 0.3

vendor: fortinet, model: fortiweb, scope: eq, version: 5.0.4

Trust: 0.3

vendor: fortinet, model: fortiweb, scope: eq, version: 5.0.3

Trust: 0.3

vendor: fortinet, model: fortiweb, scope: eq, version: 5.0.2

Trust: 0.3

vendor: fortinet, model: fortiweb, scope: eq, version: 5.0.1

Trust: 0.3

vendor: fortinet, model: fortiweb, scope: eq, version: 4.4.7

Trust: 0.3

vendor: fortinet, model: fortiweb, scope: eq, version: 5.1.2

Trust: 0.3

vendor: fortinet, model: fortiweb, scope: eq, version: 5.1.1

Trust: 0.3

vendor: fortinet, model: fortiweb, scope: eq, version: 5.0.0

Trust: 0.3

vendor: fortinet, model: fortiweb, scope: eq, version: 5.0

Trust: 0.3

vendor: fortinet, model: fortiweb, scope: ne, version: 5.1.3

Trust: 0.3

sources: BID: 91768 // JVNDB: JVNDB-2016-003760 // NVD: CVE-2016-4066 // CNNVD: CNNVD-201606-583

CVSS

SEVERITY

CVSSV2

CVSSV3

NVD: CVE-2016-4066
value: HIGH

Trust: 1.8

CNNVD: CNNVD-201606-583
value: MEDIUM

Trust: 0.6

VULHUB: VHN-92885
value: MEDIUM

Trust: 0.1

NVD:
severity: MEDIUM
baseScore: 6.8
vectorString: AV:N/AC:M/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 8.6
impactScore: 6.4
acInsufInfo: FALSE
obtainAllPrivilege: FALSE
obtainUserPrivilege: FALSE
obtainOtherPrivilege: FALSE
userInteractionRequired: TRUE
version: 2.0

Trust: 1.0

NVD: CVE-2016-4066
severity: MEDIUM
baseScore: 6.8
vectorString: AV:N/AC:M/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: NONE
impactScore: NONE
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.8

VULHUB: VHN-92885
severity: MEDIUM
baseScore: 6.8
vectorString: AV:N/AC:M/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 8.6
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

NVD:
baseSeverity: HIGH
baseScore: 8.8
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: REQUIRED
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 2.8
impactScore: 5.9
version: 3.0

Trust: 1.0

NVD: CVE-2016-4066
baseSeverity: HIGH
baseScore: 8.8
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: REQUIRED
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: VULHUB: VHN-92885 // JVNDB: JVNDB-2016-003760 // NVD: CVE-2016-4066 // CNNVD: CNNVD-201606-583

PROBLEMTYPE DATA

problemtype: CWE-352

Trust: 1.9

sources: VULHUB: VHN-92885 // JVNDB: JVNDB-2016-003760 // NVD: CVE-2016-4066

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201606-583

TYPE

cross-site request forgery

Trust: 0.6

sources: CNNVD: CNNVD-201606-583

CONFIGURATIONS

sources: NVD: CVE-2016-4066

PATCH

title: FortiWeb CSRF Vulnerability
url: http://fortiguard.com/advisory/fortiweb-csrf-vulnerability

Trust: 0.8

title: Fortinet FortiWeb Fixes for cross-site request forgery vulnerabilities
url: http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=62499

Trust: 0.6

sources: JVNDB: JVNDB-2016-003760 // CNNVD: CNNVD-201606-583

EXTERNAL IDS

db: NVD, id: CVE-2016-4066

Trust: 2.8

db: SECTRACK, id: 1036194

Trust: 1.7

db: BID, id: 91768

Trust: 1.4

db: JVNDB, id: JVNDB-2016-003760

Trust: 0.8

db: CNNVD, id: CNNVD-201606-583

Trust: 0.7

db: VULHUB, id: VHN-92885

Trust: 0.1

sources: VULHUB: VHN-92885 // BID: 91768 // JVNDB: JVNDB-2016-003760 // NVD: CVE-2016-4066 // CNNVD: CNNVD-201606-583

REFERENCES

url: http://fortiguard.com/advisory/fortiweb-csrf-vulnerability

Trust: 2.0

url: http://www.securitytracker.com/id/1036194

Trust: 1.7

url: http://www.securityfocus.com/bid/91768

Trust: 1.1

url: http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-4066

Trust: 0.8

url: http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-4066

Trust: 0.8

url: http://www.fortinet.com/

Trust: 0.3

sources: VULHUB: VHN-92885 // BID: 91768 // JVNDB: JVNDB-2016-003760 // NVD: CVE-2016-4066 // CNNVD: CNNVD-201606-583

CREDITS

Ewoud Vlasselaer from Dimension Data Belgium

Trust: 0.6

sources: CNNVD: CNNVD-201606-583

SOURCES

db: VULHUB, id: VHN-92885
db: BID, id: 91768
db: JVNDB, id: JVNDB-2016-003760
db: NVD, id: CVE-2016-4066
db: CNNVD, id: CNNVD-201606-583

LAST UPDATE DATE

2023-12-18T13:39:10.756000+00:00


SOURCES UPDATE DATE

db: VULHUB, id: VHN-92885, date: 2016-11-28T00:00:00
db: BID, id: 91768, date: 2016-07-13T00:00:00
db: JVNDB, id: JVNDB-2016-003760, date: 2016-07-20T00:00:00
db: NVD, id: CVE-2016-4066, date: 2016-11-28T20:14:52.277
db: CNNVD, id: CNNVD-201606-583, date: 2016-07-14T00:00:00

SOURCES RELEASE DATE

db: VULHUB, id: VHN-92885, date: 2016-07-13T00:00:00
db: BID, id: 91768, date: 2016-07-13T00:00:00
db: JVNDB, id: JVNDB-2016-003760, date: 2016-07-20T00:00:00
db: NVD, id: CVE-2016-4066, date: 2016-07-13T15:59:03.450
db: CNNVD, id: CNNVD-201606-583, date: 2016-06-27T00:00:00