CVE-2017-3126

CWE-601: Open Redirect | 4 documents | 4 sources

Severity: 6.1 MEDIUM
EPSS: 0.2% (top 52.34%)
CISA KEV: Not in KEV
Exploit: No known exploits

Timeline
Published: May 27
Latest update: May 17

Description

An Open Redirect vulnerability in Fortinet FortiAnalyzer 5.4.0 through 5.4.2 and FortiManager 5.4.0 through 5.4.2 allows an attacker to execute unauthorized code or commands via the next parameter.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Exploitability: 2.8 | Impact: 2.7

Affected Packages (2 packages)

NVD | fortinet/fortimanager_firmware | 5.4.0, 5.4.1, 5.4.2 +2
NVD | fortinet/fortianalyzer_firmware | 5.4.0, 5.4.1, 5.4.2 +2

🔴 Vulnerability Details (2)

GHSA | GHSA-j5fw-jqr7-2j8g: An Open Redirect vulnerability in Fortinet FortiAnalyzer 5 | 2022-05-17
CVEList | CVE-2017-3126: An Open Redirect vulnerability in Fortinet FortiAnalyzer 5 | 2017-05-26

📋 Vendor Advisories (1)

Fortinet | An Open Redirect vulnerability in Fortinet FortiAnalyzer 5.4.0 through 5.4.2 and FortiManager 5.4.0 through 5.4.2 allows... | 2017-05-27