CVE-2016-4066 — Cross-Site Request Forgery in Fortinet Fortiweb
Severity
8.8HIGHNVD
EPSS
0.1%
top 66.61%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
PublishedJul 13
Latest updateMay 17
Description
Cross-site request forgery (CSRF) vulnerability in Fortinet FortiWeb before 5.5.3 allows remote attackers to hijack the authentication of administrators for requests that change the password via unspecified vectors.
CVSS vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:HExploitability: 2.8 | Impact: 5.9