var-201608-0287
Vulnerability from variot
Cross-site scripting (XSS) vulnerability in Fortinet FortiAnalyzer 5.x before 5.0.12 and 5.2.x before 5.2.6 and FortiManager 5.x before 5.0.12 and 5.2.x before 5.2.6 allows remote authenticated users to inject arbitrary web script or HTML via the filename of an image uploaded in the report section. Multiple Fortinet Products are prone to a security-bypass vulnerability. Attackers can exploit this issue to bypass certain security restrictions to perform unauthorized actions. This may aid in further attacks. Both Fortinet FortiAnalyzer and FortiManager are products of Fortinet. The former is a centralized network security reporting solution, and the latter is a centralized network security management solution. A cross-site scripting vulnerability exists in Fortinet FortiAnalyzer 5.x prior to 5.2.6 and FortiManager 5.x prior to 5.2.6
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201608-0287",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "fortianalyzer",
"scope": "eq",
"trust": 1.6,
"vendor": "fortinet",
"version": "5.2.3"
},
{
"model": "fortianalyzer",
"scope": "eq",
"trust": 1.6,
"vendor": "fortinet",
"version": "5.2.1"
},
{
"model": "fortianalyzer",
"scope": "eq",
"trust": 1.6,
"vendor": "fortinet",
"version": "5.2.0"
},
{
"model": "fortianalyzer",
"scope": "eq",
"trust": 1.6,
"vendor": "fortinet",
"version": "5.0.10"
},
{
"model": "fortianalyzer",
"scope": "eq",
"trust": 1.6,
"vendor": "fortinet",
"version": "5.2.5"
},
{
"model": "fortianalyzer",
"scope": "eq",
"trust": 1.6,
"vendor": "fortinet",
"version": "5.0.0"
},
{
"model": "fortianalyzer",
"scope": "eq",
"trust": 1.6,
"vendor": "fortinet",
"version": "5.2.4"
},
{
"model": "fortianalyzer",
"scope": "eq",
"trust": 1.6,
"vendor": "fortinet",
"version": "5.0.5"
},
{
"model": "fortianalyzer",
"scope": "eq",
"trust": 1.6,
"vendor": "fortinet",
"version": "5.0.4"
},
{
"model": "fortianalyzer",
"scope": "eq",
"trust": 1.6,
"vendor": "fortinet",
"version": "5.0.1"
},
{
"model": "fortimanager",
"scope": "eq",
"trust": 1.0,
"vendor": "fortinet",
"version": "5.2.0"
},
{
"model": "fortimanager",
"scope": "eq",
"trust": 1.0,
"vendor": "fortinet",
"version": "5.0.10"
},
{
"model": "fortimanager",
"scope": "eq",
"trust": 1.0,
"vendor": "fortinet",
"version": "5.2.5"
},
{
"model": "fortimanager",
"scope": "eq",
"trust": 1.0,
"vendor": "fortinet",
"version": "5.2.4"
},
{
"model": "fortimanager",
"scope": "eq",
"trust": 1.0,
"vendor": "fortinet",
"version": "5.0.5"
},
{
"model": "fortimanager",
"scope": "eq",
"trust": 1.0,
"vendor": "fortinet",
"version": "5.0.7"
},
{
"model": "fortimanager",
"scope": "eq",
"trust": 1.0,
"vendor": "fortinet",
"version": "5.2.2"
},
{
"model": "fortimanager",
"scope": "eq",
"trust": 1.0,
"vendor": "fortinet",
"version": "5.0.6"
},
{
"model": "fortimanager",
"scope": "eq",
"trust": 1.0,
"vendor": "fortinet",
"version": "5.0.9"
},
{
"model": "fortimanager",
"scope": "eq",
"trust": 1.0,
"vendor": "fortinet",
"version": "5.0.4"
},
{
"model": "fortimanager",
"scope": "eq",
"trust": 1.0,
"vendor": "fortinet",
"version": "5.0.8"
},
{
"model": "fortianalyzer",
"scope": "eq",
"trust": 1.0,
"vendor": "fortinet",
"version": "5.2.2"
},
{
"model": "fortimanager",
"scope": "eq",
"trust": 1.0,
"vendor": "fortinet",
"version": "5.2.3"
},
{
"model": "fortimanager",
"scope": "eq",
"trust": 1.0,
"vendor": "fortinet",
"version": "5.0.3"
},
{
"model": "fortimanager",
"scope": "eq",
"trust": 1.0,
"vendor": "fortinet",
"version": "5.2.1"
},
{
"model": "fortianalyzer",
"scope": "eq",
"trust": 0.8,
"vendor": "fortinet",
"version": "5.2.6"
},
{
"model": "fortimanager",
"scope": "eq",
"trust": 0.8,
"vendor": "fortinet",
"version": "5.2.6"
},
{
"model": "fortianalyzer",
"scope": "lt",
"trust": 0.8,
"vendor": "fortinet",
"version": "5.x"
},
{
"model": "fortimanager",
"scope": "lt",
"trust": 0.8,
"vendor": "fortinet",
"version": "5.x"
},
{
"model": "fortimom-vm",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "0"
},
{
"model": "fortimanager virtual appliances",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "0"
},
{
"model": "fortimanager 400c",
"scope": null,
"trust": 0.3,
"vendor": "fortinet",
"version": null
},
{
"model": "fortimanager 400b",
"scope": null,
"trust": 0.3,
"vendor": "fortinet",
"version": null
},
{
"model": "fortimanager 400a",
"scope": null,
"trust": 0.3,
"vendor": "fortinet",
"version": null
},
{
"model": "fortimanager 4000e",
"scope": null,
"trust": 0.3,
"vendor": "fortinet",
"version": null
},
{
"model": "fortimanager 4000d",
"scope": null,
"trust": 0.3,
"vendor": "fortinet",
"version": null
},
{
"model": "fortimanager 3900e",
"scope": null,
"trust": 0.3,
"vendor": "fortinet",
"version": null
},
{
"model": "fortimanager 300d",
"scope": null,
"trust": 0.3,
"vendor": "fortinet",
"version": null
},
{
"model": "fortimanager 3000c",
"scope": null,
"trust": 0.3,
"vendor": "fortinet",
"version": null
},
{
"model": "fortimanager 200d",
"scope": null,
"trust": 0.3,
"vendor": "fortinet",
"version": null
},
{
"model": "fortimanager 1000d",
"scope": null,
"trust": 0.3,
"vendor": "fortinet",
"version": null
},
{
"model": "fortimanager 1000c",
"scope": null,
"trust": 0.3,
"vendor": "fortinet",
"version": null
},
{
"model": "fortimanager",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "100"
},
{
"model": "fortianalyzer vm gb500",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "0"
},
{
"model": "fortianalyzer vm gb5",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "0"
},
{
"model": "fortianalyzer vm gb25",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "0"
},
{
"model": "fortianalyzer vm gb2000",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "0"
},
{
"model": "fortianalyzer vm gb100",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "0"
},
{
"model": "fortianalyzer vm gb1",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "0"
},
{
"model": "fortianalyzer vm base",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "0"
},
{
"model": "fortianalyzer 3900e",
"scope": null,
"trust": 0.3,
"vendor": "fortinet",
"version": null
},
{
"model": "fortianalyzer 3500e",
"scope": null,
"trust": 0.3,
"vendor": "fortinet",
"version": null
},
{
"model": "fortianalyzer 300d",
"scope": null,
"trust": 0.3,
"vendor": "fortinet",
"version": null
},
{
"model": "fortianalyzer 3000e",
"scope": null,
"trust": 0.3,
"vendor": "fortinet",
"version": null
},
{
"model": "fortianalyzer 200d",
"scope": null,
"trust": 0.3,
"vendor": "fortinet",
"version": null
},
{
"model": "fortianalyzer 2000b",
"scope": null,
"trust": 0.3,
"vendor": "fortinet",
"version": null
},
{
"model": "fortianalyzer 1000d",
"scope": null,
"trust": 0.3,
"vendor": "fortinet",
"version": null
}
],
"sources": [
{
"db": "BID",
"id": "92203"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-004160"
},
{
"db": "NVD",
"id": "CVE-2016-3196"
},
{
"db": "CNNVD",
"id": "CNNVD-201608-095"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:fortinet:fortimanager_firmware:5.2.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:fortinet:fortimanager_firmware:5.2.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:fortinet:fortimanager_firmware:5.0.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:fortinet:fortimanager_firmware:5.0.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:fortinet:fortimanager_firmware:5.2.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:fortinet:fortimanager_firmware:5.2.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:fortinet:fortimanager_firmware:5.0.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:fortinet:fortimanager_firmware:5.0.9:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:fortinet:fortimanager_firmware:5.0.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:fortinet:fortimanager_firmware:5.0.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:fortinet:fortimanager_firmware:5.0.10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:fortinet:fortimanager_firmware:5.0.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:fortinet:fortimanager_firmware:5.2.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:fortinet:fortimanager_firmware:5.2.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:fortinet:fortianalyzer_firmware:5.2.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:fortinet:fortianalyzer_firmware:5.2.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:fortinet:fortianalyzer_firmware:5.2.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:fortinet:fortianalyzer_firmware:5.2.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:fortinet:fortianalyzer_firmware:5.0.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:fortinet:fortianalyzer_firmware:5.2.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:fortinet:fortianalyzer_firmware:5.0.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:fortinet:fortianalyzer_firmware:5.2.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:fortinet:fortianalyzer_firmware:5.0.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:fortinet:fortianalyzer_firmware:5.0.10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:fortinet:fortianalyzer_firmware:5.0.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2016-3196"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Marco Onorati",
"sources": [
{
"db": "BID",
"id": "92203"
}
],
"trust": 0.3
},
"cve": "CVE-2016-3196",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 3.5,
"confidentialityImpact": "NONE",
"exploitabilityScore": 6.8,
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "LOW",
"trust": 1.0,
"userInteractionRequired": true,
"vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Network",
"authentication": "Single",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 3.5,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2016-3196",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Low",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 3.5,
"confidentialityImpact": "NONE",
"exploitabilityScore": 6.8,
"id": "VHN-92015",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "LOW",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:S/C:N/I:P/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"exploitabilityScore": 2.3,
"impactScore": 2.7,
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"trust": 1.0,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 5.4,
"baseSeverity": "Medium",
"confidentialityImpact": "Low",
"exploitabilityScore": null,
"id": "CVE-2016-3196",
"impactScore": null,
"integrityImpact": "Low",
"privilegesRequired": "Low",
"scope": "Changed",
"trust": 0.8,
"userInteraction": "Required",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2016-3196",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201608-095",
"trust": 0.6,
"value": "LOW"
},
{
"author": "VULHUB",
"id": "VHN-92015",
"trust": 0.1,
"value": "LOW"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-92015"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-004160"
},
{
"db": "NVD",
"id": "CVE-2016-3196"
},
{
"db": "CNNVD",
"id": "CNNVD-201608-095"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cross-site scripting (XSS) vulnerability in Fortinet FortiAnalyzer 5.x before 5.0.12 and 5.2.x before 5.2.6 and FortiManager 5.x before 5.0.12 and 5.2.x before 5.2.6 allows remote authenticated users to inject arbitrary web script or HTML via the filename of an image uploaded in the report section. Multiple Fortinet Products are prone to a security-bypass vulnerability. \nAttackers can exploit this issue to bypass certain security restrictions to perform unauthorized actions. This may aid in further attacks. Both Fortinet FortiAnalyzer and FortiManager are products of Fortinet. The former is a centralized network security reporting solution, and the latter is a centralized network security management solution. A cross-site scripting vulnerability exists in Fortinet FortiAnalyzer 5.x prior to 5.2.6 and FortiManager 5.x prior to 5.2.6",
"sources": [
{
"db": "NVD",
"id": "CVE-2016-3196"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-004160"
},
{
"db": "BID",
"id": "92203"
},
{
"db": "VULHUB",
"id": "VHN-92015"
}
],
"trust": 1.98
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2016-3196",
"trust": 2.5
},
{
"db": "BID",
"id": "92203",
"trust": 1.4
},
{
"db": "SECTRACK",
"id": "1036550",
"trust": 1.1
},
{
"db": "SECTRACK",
"id": "1036551",
"trust": 1.1
},
{
"db": "JVNDB",
"id": "JVNDB-2016-004160",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201608-095",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-92015",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-92015"
},
{
"db": "BID",
"id": "92203"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-004160"
},
{
"db": "NVD",
"id": "CVE-2016-3196"
},
{
"db": "CNNVD",
"id": "CNNVD-201608-095"
}
]
},
"id": "VAR-201608-0287",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-92015"
}
],
"trust": 0.01
},
"last_update_date": "2023-12-18T12:05:44.907000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "FortiManager and FortiAnalyzer Persistent XSS vulnerability",
"trust": 0.8,
"url": "http://fortiguard.com/advisory/fortimanager-and-fortianalyzer-persistent-xss-vulnerability"
},
{
"title": "Fortinet FortiAnalyzer and FortiManager Fixes for cross-site scripting vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=63487"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-004160"
},
{
"db": "CNNVD",
"id": "CNNVD-201608-095"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-79",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-92015"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-004160"
},
{
"db": "NVD",
"id": "CVE-2016-3196"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "http://fortiguard.com/advisory/fortimanager-and-fortianalyzer-persistent-xss-vulnerability"
},
{
"trust": 1.4,
"url": "http://seclists.org/fulldisclosure/2016/aug/4"
},
{
"trust": 1.1,
"url": "http://www.securityfocus.com/bid/92203"
},
{
"trust": 1.1,
"url": "http://www.securityfocus.com/archive/1/539069/100/0/threaded"
},
{
"trust": 1.1,
"url": "http://www.vulnerability-lab.com/get_content.php?id=1687"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id/1036550"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id/1036551"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-3196"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-3196"
},
{
"trust": 0.3,
"url": "http://www.fortinet.com/"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-92015"
},
{
"db": "BID",
"id": "92203"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-004160"
},
{
"db": "NVD",
"id": "CVE-2016-3196"
},
{
"db": "CNNVD",
"id": "CNNVD-201608-095"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-92015"
},
{
"db": "BID",
"id": "92203"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-004160"
},
{
"db": "NVD",
"id": "CVE-2016-3196"
},
{
"db": "CNNVD",
"id": "CNNVD-201608-095"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-08-05T00:00:00",
"db": "VULHUB",
"id": "VHN-92015"
},
{
"date": "2016-08-01T00:00:00",
"db": "BID",
"id": "92203"
},
{
"date": "2016-08-09T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-004160"
},
{
"date": "2016-08-05T14:59:06.547000",
"db": "NVD",
"id": "CVE-2016-3196"
},
{
"date": "2016-08-09T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201608-095"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-10-09T00:00:00",
"db": "VULHUB",
"id": "VHN-92015"
},
{
"date": "2016-08-01T00:00:00",
"db": "BID",
"id": "92203"
},
{
"date": "2016-08-09T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-004160"
},
{
"date": "2018-10-09T19:59:48.130000",
"db": "NVD",
"id": "CVE-2016-3196"
},
{
"date": "2016-08-09T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201608-095"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201608-095"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Fortinet FortiAnalyzer and FortiManager Vulnerable to cross-site scripting",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-004160"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "XSS",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201608-095"
}
],
"trust": 0.6
}
}
Loading...
Loading...
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.