ID

VAR-201705-3940


CVE

CVE-2017-7343


TITLE

Fortinet FortiPortal Open redirect vulnerability

Trust: 0.8

sources: JVNDB: JVNDB-2017-004227

DESCRIPTION

An open redirect vulnerability in Fortinet FortiPortal 4.0.0 and below allows an attacker to execute unauthorized code or commands via the url parameter. Fortinet FortiPortal contains an open redirect vulnerability. Information may be obtained and information may be altered. FortiPortal is prone to the following multiple security vulnerabilities. An attacker can exploit these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site, steal cookie-based authentication credentials, bypass security restrictions and perform unauthorized actions, redirect users to an attacker-controlled site, or obtain sensitive information. Versions prior to FortiPortal 4.0.1 are vulnerable. Fortinet FortiPortal is a product developed by Fortinet to help Managed Security Service Providers (MSSPs) operate cloud-based security management and log retention services.

Trust: 1.98

sources: NVD: CVE-2017-7343 // JVNDB: JVNDB-2017-004227 // BID: 98484 // VULHUB: VHN-115546

AFFECTED PRODUCTS

vendor: fortinet, model: fortiportal, scope: lte, version: 4.0.0

Trust: 1.8

vendor: fortinet, model: fortiportal, scope: eq, version: 4.0.0

Trust: 0.6

vendor: fortinet, model: fortiportal, scope: eq, version: 4.0

Trust: 0.3

vendor: fortinet, model: fortiportal, scope: ne, version: 4.0.1

Trust: 0.3

sources: BID: 98484 // JVNDB: JVNDB-2017-004227 // NVD: CVE-2017-7343 // CNNVD: CNNVD-201703-1371

CVSS

SEVERITY

CVSSV2

CVSSV3

NVD: CVE-2017-7343
value: MEDIUM

Trust: 1.8

CNNVD: CNNVD-201703-1371
value: MEDIUM

Trust: 0.6

VULHUB: VHN-115546
value: MEDIUM

Trust: 0.1

NVD:
severity: MEDIUM
baseScore: 5.8
vectorString: AV:N/AC:M/AU:N/C:P/I:P/A:N
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: NONE
exploitabilityScore: 8.6
impactScore: 4.9
acInsufInfo: FALSE
obtainAllPrivilege: FALSE
obtainUserPrivilege: FALSE
obtainOtherPrivilege: FALSE
userInteractionRequired: TRUE
version: 2.0

Trust: 1.0

NVD: CVE-2017-7343
severity: MEDIUM
baseScore: 5.8
vectorString: AV:N/AC:M/AU:N/C:P/I:P/A:N
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: NONE
exploitabilityScore: NONE
impactScore: NONE
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.8

VULHUB: VHN-115546
severity: MEDIUM
baseScore: 5.8
vectorString: AV:N/AC:M/AU:N/C:P/I:P/A:N
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: NONE
exploitabilityScore: 8.6
impactScore: 4.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

NVD:
baseSeverity: MEDIUM
baseScore: 6.1
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: REQUIRED
scope: CHANGED
confidentialityImpact: LOW
integrityImpact: LOW
availabilityImpact: NONE
exploitabilityScore: 2.8
impactScore: 2.7
version: 3.0

Trust: 1.0

NVD: CVE-2017-7343
baseSeverity: MEDIUM
baseScore: 6.1
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: REQUIRED
scope: CHANGED
confidentialityImpact: LOW
integrityImpact: LOW
availabilityImpact: NONE
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: VULHUB: VHN-115546 // JVNDB: JVNDB-2017-004227 // NVD: CVE-2017-7343 // CNNVD: CNNVD-201703-1371

PROBLEMTYPE DATA

problemtype:CWE-601

Trust: 1.9

sources: VULHUB: VHN-115546 // JVNDB: JVNDB-2017-004227 // NVD: CVE-2017-7343

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201703-1371

TYPE

lack of information

Trust: 0.6

sources: CNNVD: CNNVD-201703-1371

CONFIGURATIONS

sources: NVD: CVE-2017-7343

PATCH

title: FortiPortal Multiple Vulnerabilities, url: https://fortiguard.com/psirt/fg-ir-17-114

Trust: 0.8

sources: JVNDB: JVNDB-2017-004227

EXTERNAL IDS

db: NVD, id: CVE-2017-7343

Trust: 2.8

db: JVNDB, id: JVNDB-2017-004227

Trust: 0.8

db: CNNVD, id: CNNVD-201703-1371

Trust: 0.7

db: BID, id: 98484

Trust: 0.3

db: VULHUB, id: VHN-115546

Trust: 0.1

sources: VULHUB: VHN-115546 // BID: 98484 // JVNDB: JVNDB-2017-004227 // NVD: CVE-2017-7343 // CNNVD: CNNVD-201703-1371

REFERENCES

url: https://fortiguard.com/psirt/fg-ir-17-114

Trust: 2.0

url: http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-7343

Trust: 0.8

url: https://nvd.nist.gov/vuln/detail/cve-2017-7343

Trust: 0.8

url: http://www.fortinet.com/

Trust: 0.3

sources: VULHUB: VHN-115546 // BID: 98484 // JVNDB: JVNDB-2017-004227 // NVD: CVE-2017-7343 // CNNVD: CNNVD-201703-1371

CREDITS

David Tredger, Senior Security Consultant, Aura Information Security

Trust: 0.3

sources: BID: 98484

SOURCES

db: VULHUB, id: VHN-115546
db: BID, id: 98484
db: JVNDB, id: JVNDB-2017-004227
db: NVD, id: CVE-2017-7343
db: CNNVD, id: CNNVD-201703-1371

LAST UPDATE DATE

2023-12-18T12:19:46.179000+00:00


SOURCES UPDATE DATE

db: VULHUB, id: VHN-115546, date: 2017-05-31T00:00:00
db: BID, id: 98484, date: 2017-05-15T00:00:00
db: JVNDB, id: JVNDB-2017-004227, date: 2017-06-20T00:00:00
db: NVD, id: CVE-2017-7343, date: 2017-05-31T13:59:06.463
db: CNNVD, id: CNNVD-201703-1371, date: 2017-05-27T00:00:00

SOURCES RELEASE DATE

db: VULHUB, id: VHN-115546, date: 2017-05-27T00:00:00
db: BID, id: 98484, date: 2017-05-15T00:00:00
db: JVNDB, id: JVNDB-2017-004227, date: 2017-06-20T00:00:00
db: NVD, id: CVE-2017-7343, date: 2017-05-27T00:29:01.223
db: CNNVD, id: CNNVD-201703-1371, date: 2017-03-31T00:00:00