Search 219043 CVE descriptions
and 99761 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:
Category:FortiOS Local Security Checks
Title:Fortinet FortiAuthenticator Appliance Multiple Security Vulnerabilities (FG-IR-15-003)
Summary:Fortinet FortiAuthenticator Appliance is prone to multiple vulnerabilities.
Fortinet FortiAuthenticator Appliance is prone to multiple vulnerabilities.

Vulnerability Insight:
The following flaws exist:

1. A cross-site scripting vulnerability

2. A command-execution vulnerability

3. Multiple information-disclosure vulnerabilities

Vulnerability Impact:
An attacker can exploit these issues to execute arbitrary script code
in the context of the vulnerable site, potentially allowing the attacker to steal cookie-based authentication
credentials, execute arbitrary commands and gain access to potentially sensitive information.

Affected Software/OS:
FortiAuthenticator lower than 3.2.1

Update to FortiAuthenticator 3.2.1 or later.

CVSS Score:

CVSS Vector:

Cross-Ref: BugTraq ID: 72378
Common Vulnerability Exposure (CVE) ID: CVE-2015-1456
Common Vulnerability Exposure (CVE) ID: CVE-2015-1455
Common Vulnerability Exposure (CVE) ID: CVE-2015-1457
XForce ISS Database: fortinetfortiauthenticator-dig-info-disc(100560)
Common Vulnerability Exposure (CVE) ID: CVE-2015-1459
XForce ISS Database: fortinetfortiauthenticator-scep-xss(100561)
Common Vulnerability Exposure (CVE) ID: CVE-2015-1458
XForce ISS Database: fortinetfortiauthenticator-shell-sec-bypass(100559)
CopyrightCopyright (C) 2015 Greenbone Networks GmbH

This is only one of 99761 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.

© 1998-2024 E-Soft Inc. All rights reserved.