Test Kennung:	1.3.6.1.4.1.25623.1.0.105866
Kategorie:	FortiOS Local Security Checks
Titel:	Fortinet FortiAnalyzer Multiple XSS Vulnerabilities (FG-IR-16-015, FG-IR-16-017)
Zusammenfassung:	Fortinet FortiAnalyzer is prone to multiple cross-site; scripting (XSS) vulnerabilities.
Beschreibung:	Summary: Fortinet FortiAnalyzer is prone to multiple cross-site scripting (XSS) vulnerabilities. Vulnerability Insight: The following flaws exist: - CVE-2016-3193: A vulnerability in FortiAnalyzer address added page could allow malicious script being injected in the input field. - CVE-2016-3195: A client side XSS vulnerability could allow malicious script being injected in the Web-UI. Affected Software/OS: Fortinet FortiAnalyzer version 5.0.0 through 5.0.11 and 5.2.0 through 5.2.5. Solution: Update to version 5.0.12, 5.2.6, 5.4.0 or later. CVSS Score: 4.3 CVSS Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2016-3193 BugTraq ID: 92458 http://www.securityfocus.com/bid/92458 http://www.securitytracker.com/id/1036550 Common Vulnerability Exposure (CVE) ID: CVE-2016-3195 BugTraq ID: 92453 http://www.securityfocus.com/bid/92453
Copyright	Copyright (C) 2016 Greenbone AG

Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.