NVD

Id
31373  
Name
CVE-2014-3115  
Description
Multiple cross-site request forgery (CSRF) vulnerabilities in the web administration console in Fortinet FortiWeb before 5.2.0 allow remote attackers to hijack the authentication of administrators via system/config/adminadd and other unspecified vectors.  
Reject
 
CVSS Version
2  
CVSS Score
6.8  
Severity
Medium  
CVSS Base Score
6.8  
CVSS Impact Subscore
6.4  
CVSS Exploit Subscore
8.6  
CVSS Vector
(AV:N/AC:M/Au:N/C:P/I:P/A:P)  
Pub Date
2017-01-19  
Published
2014-05-08  
Modified Date
2015-07-31  
Seq
2014-3115  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
164244 31373 CVE-2014-3115 20140507 Fortinet Fortiweb 5.1 contains a cross-site request forgery vulnerability (CVE-2014-3115)  View
164245 31373 CVE-2014-3115 http://www.fortiguard.com/advisory/FG-IR-14-013/  View
164246 31373 CVE-2014-3115 VU#902790  View
164247 31373 CVE-2014-3115 1030200  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
13530 JVNDB-2014-002405 Fortinet Fortiweb におけるクロスサイトリクエストフォージェリの脆弱性 Fortinet が提供する Fortiweb には、クロスサイトリクエストフォージェリ (CWE-352) の脆弱性が存在します。 CVE-2014-3115 70402 CVE-2014-3115 31373 5.8 http://jvndb.jvn.jp/ja/contents/2014/JVNDB-2014-002405.html 2014-05-07 2014-05-12 View