cnvd - cnvd-2018-10945

CNVD-2018-10945

Vulnerability from cnvd - Published: 2018-06-05

Title

Fortinet FortiAuthenticator跨站脚本漏洞（CNVD-2018-10945）

Description

Fortinet FortiAuthenticator是用户身份管理设备，可通过简化和集中用户身份信息的管理和存储增强企业安全性。 5.3.0之前的Fortinet FortiAuthenticator中的“CSRF验证失败”页面存在跨站脚本漏洞。攻击者可通过将恶意脚本注入HTTP referer header利用该漏洞执行未经授权的脚本代码。

Severity

中

Patch Name

Fortinet FortiAuthenticator跨站脚本漏洞（CNVD-2018-10945）的补丁

Patch Description

Formal description

厂商已发布漏洞修复程序，请及时关注更新： https://fortiguard.com/psirt/FG-IR-18-059

Reference

https://nvd.nist.gov/vuln/detail/CVE-2018-9186

Impacted products

Name
Fortinet FortiAuthenticator <5.3.0

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2018-9186"
    }
  },
  "description": "Fortinet FortiAuthenticator\u662f\u7528\u6237\u8eab\u4efd\u7ba1\u7406\u8bbe\u5907\uff0c\u53ef\u901a\u8fc7\u7b80\u5316\u548c\u96c6\u4e2d\u7528\u6237\u8eab\u4efd\u4fe1\u606f\u7684\u7ba1\u7406\u548c\u5b58\u50a8\u589e\u5f3a\u4f01\u4e1a\u5b89\u5168\u6027\u3002\r\n\r\n5.3.0\u4e4b\u524d\u7684Fortinet FortiAuthenticator\u4e2d\u7684\u201cCSRF\u9a8c\u8bc1\u5931\u8d25\u201d\u9875\u9762\u5b58\u5728\u8de8\u7ad9\u811a\u672c\u6f0f\u6d1e\u3002\u653b\u51fb\u8005\u53ef\u901a\u8fc7\u5c06\u6076\u610f\u811a\u672c\u6ce8\u5165HTTP referer header\u5229\u7528\u8be5\u6f0f\u6d1e\u6267\u884c\u672a\u7ecf\u6388\u6743\u7684\u811a\u672c\u4ee3\u7801\u3002",
  "discovererName": "Unknow",
  "formalWay": "\u5382\u5546\u5df2\u53d1\u5e03\u6f0f\u6d1e\u4fee\u590d\u7a0b\u5e8f\uff0c\u8bf7\u53ca\u65f6\u5173\u6ce8\u66f4\u65b0\uff1a\r\nhttps://fortiguard.com/psirt/FG-IR-18-059",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2018-10945",
  "openTime": "2018-06-05",
  "patchDescription": "Fortinet FortiAuthenticator\u662f\u7528\u6237\u8eab\u4efd\u7ba1\u7406\u8bbe\u5907\uff0c\u53ef\u901a\u8fc7\u7b80\u5316\u548c\u96c6\u4e2d\u7528\u6237\u8eab\u4efd\u4fe1\u606f\u7684\u7ba1\u7406\u548c\u5b58\u50a8\u589e\u5f3a\u4f01\u4e1a\u5b89\u5168\u6027\u3002\r\n\r\n5.3.0\u4e4b\u524d\u7684Fortinet FortiAuthenticator\u4e2d\u7684\u201cCSRF\u9a8c\u8bc1\u5931\u8d25\u201d\u9875\u9762\u5b58\u5728\u8de8\u7ad9\u811a\u672c\u6f0f\u6d1e\u3002\u653b\u51fb\u8005\u53ef\u901a\u8fc7\u5c06\u6076\u610f\u811a\u672c\u6ce8\u5165HTTP referer header\u5229\u7528\u8be5\u6f0f\u6d1e\u6267\u884c\u672a\u7ecf\u6388\u6743\u7684\u811a\u672c\u4ee3\u7801\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "Fortinet FortiAuthenticator\u8de8\u7ad9\u811a\u672c\u6f0f\u6d1e\uff08CNVD-2018-10945\uff09\u7684\u8865\u4e01",
  "products": {
    "product": "Fortinet FortiAuthenticator \u003c5.3.0"
  },
  "referenceLink": "https://nvd.nist.gov/vuln/detail/CVE-2018-9186",
  "serverity": "\u4e2d",
  "submitTime": "2018-06-01",
  "title": "Fortinet FortiAuthenticator\u8de8\u7ad9\u811a\u672c\u6f0f\u6d1e\uff08CNVD-2018-10945\uff09"
}

CVE-2018-9186 (GCVE-0-2018-9186)

Vulnerability from cvelistv5 – Published: 2018-05-31 22:00 – Updated: 2024-10-25 14:09

Summary

A cross-site scripting (XSS) vulnerability in Fortinet FortiAuthenticator in versions 4.0.0 to before 5.3.0 "CSRF validation failure" page allows attacker to execute unauthorized script code via inject malicious scripts in HTTP referer header.

Severity ?

No CVSS data available.

CWE

Execute unauthorized code or commands

Assigner

fortinet

References

URL

Tags

	https://fortiguard.com/advisory/FG-IR-18-059	x_refsource_CONFIRM
	http://www.securityfocus.com/bid/104371	vdb-entryx_refsource_BID

Impacted products

	Vendor	Product	Version
	Fortinet, Inc.	FortiAuthenticator	Affected: below 5.3.0 versions

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T07:17:51.677Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://fortiguard.com/advisory/FG-IR-18-059"
          },
          {
            "name": "104371",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/104371"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2018-9186",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-10-23T14:00:20.619763Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-10-25T14:09:37.923Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "FortiAuthenticator",
          "vendor": "Fortinet, Inc.",
          "versions": [
            {
              "status": "affected",
              "version": "below 5.3.0 versions"
            }
          ]
        }
      ],
      "datePublic": "2018-05-29T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A cross-site scripting (XSS) vulnerability in Fortinet FortiAuthenticator in versions 4.0.0 to before 5.3.0 \"CSRF validation failure\" page allows attacker to execute unauthorized script code via inject malicious scripts in HTTP referer header."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Execute unauthorized code or commands",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2019-03-21T21:12:49",
        "orgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
        "shortName": "fortinet"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://fortiguard.com/advisory/FG-IR-18-059"
        },
        {
          "name": "104371",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/104371"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@fortinet.com",
          "DATE_PUBLIC": "2018-05-29T00:00:00",
          "ID": "CVE-2018-9186",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "FortiAuthenticator",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "below 5.3.0 versions"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Fortinet, Inc."
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A cross-site scripting (XSS) vulnerability in Fortinet FortiAuthenticator in versions 4.0.0 to before 5.3.0 \"CSRF validation failure\" page allows attacker to execute unauthorized script code via inject malicious scripts in HTTP referer header."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "Execute unauthorized code or commands"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://fortiguard.com/advisory/FG-IR-18-059",
              "refsource": "CONFIRM",
              "url": "https://fortiguard.com/advisory/FG-IR-18-059"
            },
            {
              "name": "104371",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/104371"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
    "assignerShortName": "fortinet",
    "cveId": "CVE-2018-9186",
    "datePublished": "2018-05-31T22:00:00Z",
    "dateReserved": "2018-04-02T00:00:00",
    "dateUpdated": "2024-10-25T14:09:37.923Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CNVD-2018-10945

CVE-2018-9186 (GCVE-0-2018-9186)

Tags

Sightings

Nomenclature