Details of VAR-201609-0043

ID

VAR-201609-0043

CVE

CVE-2016-4969

TITLE

Fortinet FortiWAN load balancer appliance contains multiple vulnerabilities

Trust: 0.8

sources: CERT/CC: VU#724487

DESCRIPTION

Cross-site scripting (XSS) vulnerability in Fortinet FortiWan (formerly AscernLink) before 4.2.5 allows remote attackers to inject arbitrary web script or HTML via the IP parameter to script/statistics/getconn.php. The Fortinet FortiWAN (Ascernlink) network load balancer appliance contains multiple vulnerabilities. Fortinet FortiWAN is prone to multiple information-disclosure vulnerabilities, a command-injection vulnerability and a cross-site scripting vulnerability. A remote attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site, or execute arbitrary commands, or gain access to sensitive information in the context of the affected device. Fortinet FortiWAN is a WAN link load balancing product developed by Fortinet

Trust: 2.7

sources: NVD: CVE-2016-4969 // CERT/CC: VU#724487 // JVNDB: JVNDB-2016-004872 // BID: 92779 // VULHUB: VHN-93788

AFFECTED PRODUCTS

vendor:	fortinet	model:	fortiwan	scope:	lte	version:	4.2.4	Trust: 1.0
vendor:	fortinet	model:	-	scope:	-	version:	-	Trust: 0.8
vendor:	fortinet	model:	fortiwan	scope:	lt	version:	4.2.5	Trust: 0.8
vendor:	fortinet	model:	fortiwan	scope:	eq	version:	4.2.4	Trust: 0.6
vendor:	fortinet	model:	fortiwan	scope:	eq	version:	0	Trust: 0.3

sources: CERT/CC: VU#724487 // BID: 92779 // JVNDB: JVNDB-2016-004872 // CNNVD: CNNVD-201609-096 // NVD: CVE-2016-4969

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2016-4969
value:	MEDIUM
Trust: 1.0
NVD:	CVE-2016-4969
value:	MEDIUM
Trust: 0.8
CNNVD:	CNNVD-201609-096
value:	MEDIUM
Trust: 0.6
VULHUB:	VHN-93788
value:	MEDIUM
Trust: 0.1

nvd@nist.gov:	CVE-2016-4969
severity:	MEDIUM
baseScore:	4.3
vectorString:	AV:N/AC:M/AU:N/C:N/I:P/A:N
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	PARTIAL
availabilityImpact:	NONE
exploitabilityScore:	8.6
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
VULHUB:	VHN-93788
severity:	MEDIUM
baseScore:	4.3
vectorString:	AV:N/AC:M/AU:N/C:N/I:P/A:N
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	PARTIAL
availabilityImpact:	NONE
exploitabilityScore:	8.6
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

nvd@nist.gov:	CVE-2016-4969
baseSeverity:	MEDIUM
baseScore:	6.1
vectorString:	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	REQUIRED
scope:	CHANGED
confidentialityImpact:	LOW
integrityImpact:	LOW
availabilityImpact:	NONE
exploitabilityScore:	2.8
impactScore:	2.7
version:	3.0
Trust: 1.8

sources: VULHUB: VHN-93788 // JVNDB: JVNDB-2016-004872 // CNNVD: CNNVD-201609-096 // NVD: CVE-2016-4969

PROBLEMTYPE DATA

problemtype:

CWE-79

Trust: 1.9

sources: VULHUB: VHN-93788 // JVNDB: JVNDB-2016-004872 // NVD: CVE-2016-4969

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201609-096

TYPE

XSS

Trust: 0.6

sources: CNNVD: CNNVD-201609-096

CONFIGURATIONS

sources: JVNDB: JVNDB-2016-004872

PATCH

title:	FortiWAN Multiple Vulnerabilities	url:	http://fortiguard.com/advisory/fortiwan-multiple-vulnerabilities	Trust: 0.8
title:	FortiWAN - Release Notes	url:	http://docs.fortinet.com/uploaded/files/3236/fortiwan-v4.2.5-release-notes.pdf	Trust: 0.8
title:	Fortinet FortiWAN Fixes for cross-site scripting vulnerabilities	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=63919	Trust: 0.6

sources: JVNDB: JVNDB-2016-004872 // CNNVD: CNNVD-201609-096

EXTERNAL IDS

db:	CERT/CC	id:	VU#724487	Trust: 3.6
db:	NVD	id:	CVE-2016-4969	Trust: 2.8
db:	BID	id:	92779	Trust: 2.0
db:	JVN	id:	JVNVU97260486	Trust: 0.8
db:	JVNDB	id:	JVNDB-2016-004872	Trust: 0.8
db:	CNNVD	id:	CNNVD-201609-096	Trust: 0.7
db:	VULHUB	id:	VHN-93788	Trust: 0.1

sources: CERT/CC: VU#724487 // VULHUB: VHN-93788 // BID: 92779 // JVNDB: JVNDB-2016-004872 // CNNVD: CNNVD-201609-096 // NVD: CVE-2016-4969

REFERENCES

url:	http://docs.fortinet.com/uploaded/files/3236/fortiwan-v4.2.5-release-notes.pdf	Trust: 3.3
url:	https://www.kb.cert.org/vuls/id/724487	Trust: 2.8
url:	http://www.securityfocus.com/bid/92779	Trust: 1.7
url:	http://fortiguard.com/advisory/fortiwan-multiple-vulnerabilities	Trust: 1.7
url:	https://www.fortinet.com/products-services/products/wan-appliances/fortiwan.html	Trust: 1.1
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-4969	Trust: 0.8
url:	https://jvn.jp/vu/jvnvu97260486/	Trust: 0.8
url:	http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-4969	Trust: 0.8
url:	http://www.fortinet.com/	Trust: 0.3

sources: CERT/CC: VU#724487 // VULHUB: VHN-93788 // BID: 92779 // JVNDB: JVNDB-2016-004872 // CNNVD: CNNVD-201609-096 // NVD: CVE-2016-4969

CREDITS

Virgoteam (Fan-Syun Shih, Kun-Xian Lin, Yu-Chi, and Ding)

Trust: 0.9

sources: BID: 92779 // CNNVD: CNNVD-201609-096

SOURCES

db:	CERT/CC	id:	VU#724487
db:	VULHUB	id:	VHN-93788
db:	BID	id:	92779
db:	JVNDB	id:	JVNDB-2016-004872
db:	CNNVD	id:	CNNVD-201609-096
db:	NVD	id:	CVE-2016-4969

LAST UPDATE DATE

2025-04-13T23:17:52.615000+00:00

SOURCES UPDATE DATE

db:	CERT/CC	id:	VU#724487	date:	2016-09-09T00:00:00
db:	VULHUB	id:	VHN-93788	date:	2016-09-21T00:00:00
db:	BID	id:	92779	date:	2016-09-06T00:00:00
db:	JVNDB	id:	JVNDB-2016-004872	date:	2016-09-27T00:00:00
db:	CNNVD	id:	CNNVD-201609-096	date:	2016-09-22T00:00:00
db:	NVD	id:	CVE-2016-4969	date:	2025-04-12T10:46:40.837

SOURCES RELEASE DATE

db:	CERT/CC	id:	VU#724487	date:	2016-09-06T00:00:00
db:	VULHUB	id:	VHN-93788	date:	2016-09-21T00:00:00
db:	BID	id:	92779	date:	2016-09-06T00:00:00
db:	JVNDB	id:	JVNDB-2016-004872	date:	2016-09-27T00:00:00
db:	CNNVD	id:	CNNVD-201609-096	date:	2016-09-07T00:00:00
db:	NVD	id:	CVE-2016-4969	date:	2016-09-21T14:25:11.143