ID

VAR-201705-3937


CVE

CVE-2017-7337


TITLE

Fortinet FortiPortal Access control vulnerability

Trust: 0.8

sources: JVNDB: JVNDB-2017-004224

DESCRIPTION

An improper Access Control vulnerability in Fortinet FortiPortal versions 4.0.0 and below allows an attacker to interact with unauthorized VDOMs or enumerate other ADOMs via another user's stolen session and CSRF tokens, or via the adomName parameter in the /fpc/sec/customer/policy/getAdomVersion request. Fortinet FortiPortal contains an access control vulnerability. Information may be obtained and information may be altered. FortiPortal is prone to multiple security vulnerabilities. An attacker can exploit these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site, steal cookie-based authentication credentials, bypass security restrictions and perform unauthorized actions, redirect users to an attacker-controlled site, or obtain sensitive information. Versions prior to FortiPortal 4.0.1 are vulnerable. Fortinet FortiPortal is a product developed by Fortinet to help Managed Security Service Providers (MSSPs) operate cloud-based security management and log retention services. An access control error vulnerability exists in Fortinet FortiPortal 4.0.0 and earlier versions.

Trust: 1.98

sources: NVD: CVE-2017-7337 // JVNDB: JVNDB-2017-004224 // BID: 98484 // VULHUB: VHN-115540

AFFECTED PRODUCTS

vendor: fortinet | model: fortiportal | scope: lte | version: 4.0.0

Trust: 1.8

vendor: fortinet | model: fortiportal | scope: eq | version: 4.0.0

Trust: 0.6

vendor: fortinet | model: fortiportal | scope: eq | version: 4.0

Trust: 0.3

vendor: fortinet | model: fortiportal | scope: ne | version: 4.0.1

Trust: 0.3

sources: BID: 98484 // JVNDB: JVNDB-2017-004224 // NVD: CVE-2017-7337 // CNNVD: CNNVD-201703-1377

CVSS

SEVERITY

CVSSV2

CVSSV3

NVD: CVE-2017-7337
value: CRITICAL

Trust: 1.8

CNNVD: CNNVD-201703-1377
value: CRITICAL

Trust: 0.6

VULHUB: VHN-115540
value: MEDIUM

Trust: 0.1

NVD:
severity: MEDIUM
baseScore: 6.4
vectorString: AV:N/AC:L/AU:N/C:P/I:P/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: NONE
exploitabilityScore: 10.0
impactScore: 4.9
acInsufInfo: FALSE
obtainAllPrivilege: FALSE
obtainUserPrivilege: FALSE
obtainOtherPrivilege: FALSE
userInteractionRequired: FALSE
version: 2.0

Trust: 1.0

NVD: CVE-2017-7337
severity: MEDIUM
baseScore: 6.4
vectorString: AV:N/AC:L/AU:N/C:P/I:P/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: NONE
exploitabilityScore: NONE
impactScore: NONE
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.8

VULHUB: VHN-115540
severity: MEDIUM
baseScore: 6.4
vectorString: AV:N/AC:L/AU:N/C:P/I:P/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: NONE
exploitabilityScore: 10.0
impactScore: 4.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

NVD:
baseSeverity: CRITICAL
baseScore: 9.1
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: NONE
exploitabilityScore: 3.9
impactScore: 5.2
version: 3.0

Trust: 1.0

NVD: CVE-2017-7337
baseSeverity: CRITICAL
baseScore: 9.1
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: NONE
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: VULHUB: VHN-115540 // JVNDB: JVNDB-2017-004224 // NVD: CVE-2017-7337 // CNNVD: CNNVD-201703-1377

PROBLEMTYPE DATA

problemtype: CWE-732

Trust: 1.1

problemtype: CWE-284

Trust: 0.9

sources: VULHUB: VHN-115540 // JVNDB: JVNDB-2017-004224 // NVD: CVE-2017-7337

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201703-1377

TYPE

access control error

Trust: 0.6

sources: CNNVD: CNNVD-201703-1377

CONFIGURATIONS

sources: NVD: CVE-2017-7337

PATCH

title: FortiPortal Multiple Vulnerabilities
url: https://fortiguard.com/psirt/fg-ir-17-114

Trust: 0.8

title: Fortinet FortiPortal Fixes for access control error vulnerabilities
url: http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=100386

Trust: 0.6

sources: JVNDB: JVNDB-2017-004224 // CNNVD: CNNVD-201703-1377

EXTERNAL IDS

db: NVD | id: CVE-2017-7337

Trust: 2.8

db: JVNDB | id: JVNDB-2017-004224

Trust: 0.8

db: CNNVD | id: CNNVD-201703-1377

Trust: 0.7

db: BID | id: 98484

Trust: 0.3

db: VULHUB | id: VHN-115540

Trust: 0.1

sources: VULHUB: VHN-115540 // BID: 98484 // JVNDB: JVNDB-2017-004224 // NVD: CVE-2017-7337 // CNNVD: CNNVD-201703-1377

REFERENCES

url: https://fortiguard.com/psirt/fg-ir-17-114

Trust: 2.0

url: http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-7337

Trust: 0.8

url: https://nvd.nist.gov/vuln/detail/cve-2017-7337

Trust: 0.8

url: http://www.fortinet.com/

Trust: 0.3

sources: VULHUB: VHN-115540 // BID: 98484 // JVNDB: JVNDB-2017-004224 // NVD: CVE-2017-7337 // CNNVD: CNNVD-201703-1377

CREDITS

David Tredger, Senior Security Consultant, Aura Information Security

Trust: 0.3

sources: BID: 98484

SOURCES

db: VULHUB | id: VHN-115540
db: BID | id: 98484
db: JVNDB | id: JVNDB-2017-004224
db: NVD | id: CVE-2017-7337
db: CNNVD | id: CNNVD-201703-1377

LAST UPDATE DATE

2023-12-18T12:19:46.211000+00:00


SOURCES UPDATE DATE

db: VULHUB | id: VHN-115540 | date: 2019-10-03T00:00:00
db: BID | id: 98484 | date: 2017-05-15T00:00:00
db: JVNDB | id: JVNDB-2017-004224 | date: 2017-06-20T00:00:00
db: NVD | id: CVE-2017-7337 | date: 2019-10-03T00:03:26.223
db: CNNVD | id: CNNVD-201703-1377 | date: 2019-10-23T00:00:00

SOURCES RELEASE DATE

db: VULHUB | id: VHN-115540 | date: 2017-05-27T00:00:00
db: BID | id: 98484 | date: 2017-05-15T00:00:00
db: JVNDB | id: JVNDB-2017-004224 | date: 2017-06-20T00:00:00
db: NVD | id: CVE-2017-7337 | date: 2017-05-27T00:29:01.113
db: CNNVD | id: CNNVD-201703-1377 | date: 2017-03-31T00:00:00