Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
6.8
CVSSv2

CVE-2013-6826

Published: 20/11/2013 Updated: 20/11/2013
CVSS v2 Base Score: 6.8 | Impact Score: 6.4 | Exploitability Score: 8.6
VMScore: 685
Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P
Subscribe to Fortinet

Vulnerability Summary

cgi-bin/module//sysmanager/admin/SYSAdminUserDialog in Fortinet FortiAnalyzer prior to 5.0.5 does not properly validate the csrf_token parameter, which allows remote malicious users to perform cross-site request forgery (CSRF) attacks.

Vulnerable Product Search on Vulmon Subscribe to Product

fortinet fortianalyzer_firmware

fortinet fortianalyzer-2000b -

fortinet fortianalyzer-200d -

fortinet fortianalyzer-4000b -

fortinet fortianalyzer-3000d -

fortinet fortianalyzer-1000d -

fortinet fortianalyzer-300d -

Exploits

Exploit DB: Fortinet FortiAnalyzer - Cross-Site Request Forgery
source: wwwsecurityfocuscom/bid/63663/info FortiAnalyzer is prone to a cross-site request-forgery vulnerability because it fails to properly validate HTTP requests Exploiting this issue may allow a remote attacker to perform certain unauthorized administrative actions in the context of the device running the affected application Other ...

References

CWE-352http://www.securityfocus.com/bid/63663http://packetstormsecurity.com/files/123980/fortianalyzer-xsrf.txthttps://nvd.nist.govhttps://www.exploit-db.com/exploits/38824/
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
injectionCVE-2024-30983CVE-2023-4235CVE-2024-21338privilegeencryptionCVE-2023-4232CVE-2024-31497CVE-2024-32341
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook