← back
CVE-2014-3115

CVE-2014-3115

EPSS 1.2%
Multiple cross-site request forgery (CSRF) vulnerabilities in the web administration console in Fortinet FortiWeb before 5.2.0 allow remote attackers to hijack the authentication of administrators via system/config/adminadd and other unspecified vectors.
Affected products
n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
http://seclists.org/fulldisclosure/2014/May/30http://www.fortiguard.com/advisory/FG-IR-14-013/http://www.kb.cert.org/vuls/id/902790http://www.securitytracker.com/id/1030200