Sign-up

ID

VAR-201609-0041


CVE

CVE-2016-4967


TITLE

Fortinet FortiWAN load balancer appliance contains multiple vulnerabilities

Trust: 0.8

sources: CERT/CC: VU#724487

DESCRIPTION

Fortinet FortiWan (formerly AscernLink) before 4.2.5 allows remote authenticated users to obtain sensitive information from (1) a backup of the device configuration via script/cfg_show.php or (2) PCAP files via script/system/tcpdump.php. The Fortinet FortiWAN (Ascernlink) network load balancer appliance contains multiple vulnerabilities. Fortinet FortiWan ( Old AscenLink) Contains a vulnerability in which important information is obtained.The following important information can be obtained by a remotely authenticated user. Fortinet FortiWAN is prone to multiple information-disclosure vulnerabilities, a command-injection vulnerability and a cross-site scripting vulnerability. A remote attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site, or execute arbitrary commands, or gain access to sensitive information in the context of the affected device. Fortinet FortiWAN is a WAN link load balancing product developed by Fortinet. A security vulnerability exists in Fortinet FortiWAN 4.2.4 and earlier

Trust: 2.7

sources: NVD: CVE-2016-4967 // CERT/CC: VU#724487 // JVNDB: JVNDB-2016-004870 // BID: 92779 // VULHUB: VHN-93786

AFFECTED PRODUCTS

vendor:fortinetmodel:fortiwanscope:lteversion:4.2.4

Trust: 1.0

vendor:fortinetmodel: - scope: - version: -

Trust: 0.8

vendor:fortinetmodel:fortiwanscope:ltversion:4.2.5

Trust: 0.8

vendor:fortinetmodel:fortiwanscope:eqversion:4.2.4

Trust: 0.6

vendor:fortinetmodel:fortiwanscope:eqversion:0

Trust: 0.3

sources: CERT/CC: VU#724487 // BID: 92779 // JVNDB: JVNDB-2016-004870 // CNNVD: CNNVD-201609-094 // NVD: CVE-2016-4967

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2016-4967
value: MEDIUM

Trust: 1.0

NVD: CVE-2016-4967
value: MEDIUM

Trust: 0.8

CNNVD: CNNVD-201609-094
value: MEDIUM

Trust: 0.6

VULHUB: VHN-93786
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2016-4967
severity: MEDIUM
baseScore: 4.0
vectorString: AV:N/AC:L/AU:S/C:P/I:N/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: SINGLE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 8.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

VULHUB: VHN-93786
severity: MEDIUM
baseScore: 4.0
vectorString: AV:N/AC:L/AU:S/C:P/I:N/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: SINGLE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 8.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2016-4967
baseSeverity: MEDIUM
baseScore: 6.5
vectorString: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 2.8
impactScore: 3.6
version: 3.0

Trust: 1.8

sources: VULHUB: VHN-93786 // JVNDB: JVNDB-2016-004870 // CNNVD: CNNVD-201609-094 // NVD: CVE-2016-4967

PROBLEMTYPE DATA

problemtype:CWE-200

Trust: 1.9

sources: VULHUB: VHN-93786 // JVNDB: JVNDB-2016-004870 // NVD: CVE-2016-4967

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201609-094

TYPE

information disclosure

Trust: 0.6

sources: CNNVD: CNNVD-201609-094

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2016-004870

PATCH
title:FortiWAN Multiple Vulnerabilitiesurl:http://fortiguard.com/advisory/fortiwan-multiple-vulnerabilities
Trust: 0.8
title:FortiWAN - Release Notesurl:http://docs.fortinet.com/uploaded/files/3236/fortiwan-v4.2.5-release-notes.pdf
Trust: 0.8
title:Fortinet FortiWAN Repair measures for information disclosure vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=63917
Trust: 0.6
sources:
            
            
            JVNDB: JVNDB-2016-004870 // 
            
            
            
            CNNVD: CNNVD-201609-094

EXTERNAL IDS
db:CERT/CCid:VU#724487
Trust: 3.6
db:NVDid:CVE-2016-4967
Trust: 2.8
db:BIDid:92779
Trust: 2.0
db:JVNid:JVNVU97260486
Trust: 0.8
db:JVNDBid:JVNDB-2016-004870
Trust: 0.8
db:CNNVDid:CNNVD-201609-094
Trust: 0.7
db:VULHUBid:VHN-93786
Trust: 0.1
sources:
            
            
            CERT/CC: VU#724487 // 
            
            
            
            VULHUB: VHN-93786 // 
            
            
            
            BID: 92779 // 
            
            
            
            JVNDB: JVNDB-2016-004870 // 
            
            
            
            CNNVD: CNNVD-201609-094 // 
            
            
            
            NVD: CVE-2016-4967

REFERENCES
url:http://docs.fortinet.com/uploaded/files/3236/fortiwan-v4.2.5-release-notes.pdf
Trust: 3.3
url:https://www.kb.cert.org/vuls/id/724487
Trust: 2.8
url:http://www.securityfocus.com/bid/92779
Trust: 1.7
url:http://fortiguard.com/advisory/fortiwan-multiple-vulnerabilities
Trust: 1.7
url:https://www.fortinet.com/products-services/products/wan-appliances/fortiwan.html
Trust: 1.1
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-4967
Trust: 0.8
url:https://jvn.jp/vu/jvnvu97260486/
Trust: 0.8
url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-4967
Trust: 0.8
url:http://www.fortinet.com/
Trust: 0.3
sources:
            
            
            CERT/CC: VU#724487 // 
            
            
            
            VULHUB: VHN-93786 // 
            
            
            
            BID: 92779 // 
            
            
            
            JVNDB: JVNDB-2016-004870 // 
            
            
            
            CNNVD: CNNVD-201609-094 // 
            
            
            
            NVD: CVE-2016-4967

CREDITS
Virgoteam (Fan-Syun Shih, Kun-Xian Lin, Yu-Chi, and Ding)
Trust: 0.9
sources:
            
            
            BID: 92779 // 
            
            
            
            CNNVD: CNNVD-201609-094

SOURCES
db:CERT/CCid:VU#724487
db:VULHUBid:VHN-93786
db:BIDid:92779
db:JVNDBid:JVNDB-2016-004870
db:CNNVDid:CNNVD-201609-094
db:NVDid:CVE-2016-4967

LAST UPDATE DATE
2025-04-13T23:17:52.651000+00:00

SOURCES UPDATE DATE
db:CERT/CCid:VU#724487date:2016-09-09T00:00:00
db:VULHUBid:VHN-93786date:2016-09-21T00:00:00
db:BIDid:92779date:2016-09-06T00:00:00
db:JVNDBid:JVNDB-2016-004870date:2016-09-27T00:00:00
db:CNNVDid:CNNVD-201609-094date:2016-09-22T00:00:00
db:NVDid:CVE-2016-4967date:2025-04-12T10:46:40.837

SOURCES RELEASE DATE
db:CERT/CCid:VU#724487date:2016-09-06T00:00:00
db:VULHUBid:VHN-93786date:2016-09-21T00:00:00
db:BIDid:92779date:2016-09-06T00:00:00
db:JVNDBid:JVNDB-2016-004870date:2016-09-27T00:00:00
db:CNNVDid:CNNVD-201609-094date:2016-09-07T00:00:00
db:NVDid:CVE-2016-4967date:2016-09-21T14:25:09.080