ID

VAR-201609-0042


CVE

CVE-2016-4968


TITLE

Fortinet FortiWAN load balancer appliance contains multiple vulnerabilities

Trust: 0.8

sources: CERT/CC: VU#724487

DESCRIPTION

The linkreport/tmp/admin_global page in Fortinet FortiWan (formerly AscernLink) before 4.2.5 allows remote authenticated users to discover administrator cookies via a GET request. Any authenticated account can issue that request, which is why the CVSS v3 vector below carries PR:L together with C:H: the page hands the administrator's session material to a lower-privileged user.

The Fortinet FortiWAN (Ascernlink) network load balancer appliance contains multiple vulnerabilities: it is prone to multiple information-disclosure vulnerabilities, a command-injection vulnerability and a cross-site scripting vulnerability. A remote attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site, execute arbitrary commands, or gain access to sensitive information in the context of the affected device. This record (CVE-2016-4968) covers only the cookie-disclosure issue; the other findings are tracked separately in the vendor advisory and CERT/CC note listed under REFERENCES.

Fortinet FortiWAN is a WAN link load balancing product developed by Fortinet. The information-disclosure vulnerability in the linkreport/tmp/admin_global page affects Fortinet FortiWAN 4.2.4 and earlier; 4.2.5 is the fixed release.

Trust: 2.7

sources: NVD: CVE-2016-4968 // CERT/CC: VU#724487 // JVNDB: JVNDB-2016-004871 // BID: 92779 // VULHUB: VHN-93787
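The two checks a practitioner wants from the description above are "is my appliance in the affected range?" and "has anyone other than an administrator already pulled that page?". The following is an added example, not Fortinet's code and not taken from any of the cited advisories. Only the fixed version (4.2.5) and the page path (linkreport/tmp/admin_global) come from the record; the access-log format, the account names and the sample log lines are constructed for illustration and a real FortiWAN log will need the pattern adapted.

```python
"""Triage helpers for CVE-2016-4968: FortiWAN admin-cookie disclosure.

Added example, not Fortinet's code. Only the fixed version (4.2.5) and the
page path (linkreport/tmp/admin_global) come from the advisory; the log
format and the sample lines below are constructed for illustration.
"""
import re
from typing import Dict, Iterable, List, Tuple

FIXED_VERSION: Tuple[int, ...] = (4, 2, 5)      # fix shipped in FortiWAN 4.2.5
VULN_PATH = "/linkreport/tmp/admin_global"     # page named in the advisory

# Assumed Apache/NCSA combined-style access log (assumption: a real FortiWAN
# appliance may log differently, so adapt the pattern before using real data).
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ (?P<user>\S+) \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+)[^"]*" (?P<status>\d{3}) \S+$'
)

# Constructed sample: one admin request, one from a low-privilege account,
# one unrelated request, one unauthenticated attempt that was refused.
SAMPLE_LOG = """\
10.0.0.5 - admin [06/Sep/2016:10:00:01 +0000] "GET /linkreport/tmp/admin_global HTTP/1.1" 200 512
10.0.0.9 - report_ro [06/Sep/2016:10:00:07 +0000] "GET /linkreport/tmp/admin_global?x=1 HTTP/1.1" 200 512
10.0.0.9 - report_ro [06/Sep/2016:10:00:09 +0000] "GET /index.html HTTP/1.1" 200 1024
10.0.0.7 - - [06/Sep/2016:10:01:00 +0000] "GET /linkreport/tmp/admin_global HTTP/1.1" 401 0
"""


def parse_version(text: str) -> Tuple[int, ...]:
    """Reduce '4.2.4', 'v4.2.4' or '4.2.4-build0123' to a comparable tuple."""
    m = re.match(r"v?(\d+(?:\.\d+)*)", text.strip(), re.IGNORECASE)
    if not m:
        raise ValueError(f"unrecognised version string: {text!r}")
    parts = tuple(int(p) for p in m.group(1).split("."))
    # Pad so that '4.2' compares like '4.2.0' against the three-part fix version.
    return parts + (0,) * max(0, len(FIXED_VERSION) - len(parts))


def is_affected(version: str) -> bool:
    """True for any FortiWAN release earlier than the fixed 4.2.5."""
    return parse_version(version) < FIXED_VERSION


def find_admin_global_requests(lines: Iterable[str]) -> List[Dict[str, str]]:
    """Return every GET of the vulnerable page, with who asked and what they got."""
    hits = []
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue                      # skip lines the pattern does not cover
        path = m.group("path").split("?", 1)[0]   # drop the query string
        if m.group("method") == "GET" and path.endswith(VULN_PATH):
            hits.append({k: m.group(k) for k in ("ip", "user", "status")})
    return hits


def suspicious_hits(lines: Iterable[str], admin_accounts=("admin",)) -> List[Dict[str, str]]:
    """Successful (2xx) fetches of the page by accounts that are not administrators.

    These are the requests through which the page would have handed out the
    administrator's cookies, so they are the ones to review (and the reason
    to rotate the admin session after patching).
    """
    return [h for h in find_admin_global_requests(lines)
            if h["status"].startswith("2") and h["user"] not in admin_accounts]


if __name__ == "__main__":
    print("4.2.4 affected:", is_affected("4.2.4"))
    print("4.2.5 affected:", is_affected("4.2.5"))
    for hit in suspicious_hits(SAMPLE_LOG.splitlines()):
        print("review:", hit)
```

Versions are compared as integer tuples rather than strings so that a hypothetical 4.2.10 sorts after 4.2.5; the log filter keys on the path with the query string removed so that appending parameters does not hide the request. On a real appliance, replace `admin_accounts` with the actual administrator account names before trusting the "suspicious" list.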

AFFECTED PRODUCTS

vendor: fortinet  model: fortiwan  scope: lte  version: 4.2.4

Trust: 1.0

vendor: fortinet  model: -  scope: -  version: -

Trust: 0.8

vendor: fortinet  model: fortiwan  scope: lt  version: 4.2.5

Trust: 0.8

vendor: fortinet  model: fortiwan  scope: eq  version: 4.2.4

Trust: 0.6

vendor: fortinet  model: fortiwan  scope: eq  version: 0

Trust: 0.3

sources: CERT/CC: VU#724487 // BID: 92779 // JVNDB: JVNDB-2016-004871 // CNNVD: CNNVD-201609-095 // NVD: CVE-2016-4968

CVSS

SEVERITY

nvd@nist.gov: CVE-2016-4968
value: MEDIUM

Trust: 1.0

NVD: CVE-2016-4968
value: MEDIUM

Trust: 0.8

CNNVD: CNNVD-201609-095
value: MEDIUM

Trust: 0.6

VULHUB: VHN-93787
value: MEDIUM

Trust: 0.1

CVSSV2

nvd@nist.gov: CVE-2016-4968
severity: MEDIUM
baseScore: 4.0
vectorString: AV:N/AC:L/AU:S/C:P/I:N/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: SINGLE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 8.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

VULHUB: VHN-93787
severity: MEDIUM
baseScore: 4.0
vectorString: AV:N/AC:L/AU:S/C:P/I:N/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: SINGLE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 8.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

CVSSV3

nvd@nist.gov: CVE-2016-4968
baseSeverity: MEDIUM
baseScore: 6.5
vectorString: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 2.8
impactScore: 3.6
version: 3.0

Trust: 1.8

sources: VULHUB: VHN-93787 // JVNDB: JVNDB-2016-004871 // CNNVD: CNNVD-201609-095 // NVD: CVE-2016-4968

PROBLEMTYPE DATA

problemtype:CWE-200

Trust: 1.9

sources: VULHUB: VHN-93787 // JVNDB: JVNDB-2016-004871 // NVD: CVE-2016-4968

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201609-095

TYPE

information disclosure

Trust: 0.6

sources: CNNVD: CNNVD-201609-095

CONFIGURATIONS

sources: JVNDB: JVNDB-2016-004871

PATCH

title: FortiWAN Multiple Vulnerabilities
url: http://fortiguard.com/advisory/fortiwan-multiple-vulnerabilities

Trust: 0.8

title: FortiWAN - Release Notes
url: http://docs.fortinet.com/uploaded/files/3236/fortiwan-v4.2.5-release-notes.pdf

Trust: 0.8

title: Fortinet FortiWAN remediation for an information disclosure vulnerability
url: http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=63918

Trust: 0.6

sources: JVNDB: JVNDB-2016-004871 // CNNVD: CNNVD-201609-095

EXTERNAL IDS

db: CERT/CC  id: VU#724487

Trust: 3.6

db: NVD  id: CVE-2016-4968

Trust: 2.8

db: BID  id: 92779

Trust: 2.0

db: JVN  id: JVNVU97260486

Trust: 0.8

db: JVNDB  id: JVNDB-2016-004871

Trust: 0.8

db: CNNVD  id: CNNVD-201609-095

Trust: 0.7

db: VULHUB  id: VHN-93787

Trust: 0.1

sources: CERT/CC: VU#724487 // VULHUB: VHN-93787 // BID: 92779 // JVNDB: JVNDB-2016-004871 // CNNVD: CNNVD-201609-095 // NVD: CVE-2016-4968

REFERENCES

url:http://docs.fortinet.com/uploaded/files/3236/fortiwan-v4.2.5-release-notes.pdf

Trust: 3.3

url:https://www.kb.cert.org/vuls/id/724487

Trust: 2.8

url:http://www.securityfocus.com/bid/92779

Trust: 1.7

url:http://fortiguard.com/advisory/fortiwan-multiple-vulnerabilities

Trust: 1.7

url:https://www.fortinet.com/products-services/products/wan-appliances/fortiwan.html

Trust: 1.1

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-4968

Trust: 0.8

url:https://jvn.jp/vu/jvnvu97260486/

Trust: 0.8

url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-4968

Trust: 0.8

url:http://www.fortinet.com/

Trust: 0.3

sources: CERT/CC: VU#724487 // VULHUB: VHN-93787 // BID: 92779 // JVNDB: JVNDB-2016-004871 // CNNVD: CNNVD-201609-095 // NVD: CVE-2016-4968

CREDITS

Virgoteam (Fan-Syun Shih, Kun-Xian Lin, Yu-Chi, and Ding)

Trust: 0.9

sources: BID: 92779 // CNNVD: CNNVD-201609-095

SOURCES

db: CERT/CC  id: VU#724487
db: VULHUB  id: VHN-93787
db: BID  id: 92779
db: JVNDB  id: JVNDB-2016-004871
db: CNNVD  id: CNNVD-201609-095
db: NVD  id: CVE-2016-4968

LAST UPDATE DATE

2025-04-13T23:17:52.686000+00:00


SOURCES UPDATE DATE

db: CERT/CC  id: VU#724487  date: 2016-09-09T00:00:00
db: VULHUB  id: VHN-93787  date: 2016-09-21T00:00:00
db: BID  id: 92779  date: 2016-09-06T00:00:00
db: JVNDB  id: JVNDB-2016-004871  date: 2016-09-27T00:00:00
db: CNNVD  id: CNNVD-201609-095  date: 2016-09-22T00:00:00
db: NVD  id: CVE-2016-4968  date: 2025-04-12T10:46:40.837

SOURCES RELEASE DATE

db: CERT/CC  id: VU#724487  date: 2016-09-06T00:00:00
db: VULHUB  id: VHN-93787  date: 2016-09-21T00:00:00
db: BID  id: 92779  date: 2016-09-06T00:00:00
db: JVNDB  id: JVNDB-2016-004871  date: 2016-09-27T00:00:00
db: CNNVD  id: CNNVD-201609-095  date: 2016-09-07T00:00:00
db: NVD  id: CVE-2016-4968  date: 2016-09-21T14:25:10.173