CVE-2015-3616

CWE-89SQL Injection3 documents3 sources
Severity
9.8CRITICAL
EPSS
0.8%
top 25.25%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Fortinet Fortimanager Firmware
Timeline
PublishedAug 11
Latest updateMay 17

Description

SQL injection vulnerability in Fortinet FortiManager 5.0.x before 5.0.11, 5.2.x before 5.2.2 allows remote attackers to execute arbitrary commands via unspecified parameters.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HExploitability: 3.9 | Impact: 5.9

Affected Packages1 packages

NVDfortinet/fortimanager_firmware13 versions+12

🔴Vulnerability Details

2
GHSA
GHSA-pjc2-fghh-wx28: SQL injection vulnerability in Fortinet FortiManager 52022-05-17
CVEList
CVE-2015-3616: SQL injection vulnerability in Fortinet FortiManager 52017-08-11
CVE-2015-3616 (CRITICAL CVSS 9.8) | SQL injection vulnerability in Fort | cvebase.io