Test Kennung:	1.3.6.1.4.1.25623.1.0.105200
Kategorie:	FortiOS Local Security Checks
Titel:	Fortinet FortiAnalyzer Multiple XSS Vulnerabilities (FG-IR-14-033)
Zusammenfassung:	FortiAnalyzer is prone to multiple cross-site-scripting (XSS); vulnerabilities because it fails to properly sanitize user-supplied input.
Beschreibung:	Summary: FortiAnalyzer is prone to multiple cross-site-scripting (XSS) vulnerabilities because it fails to properly sanitize user-supplied input. Vulnerability Impact: An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks. Affected Software/OS: Versions prior to 5.0.7 are vulnerable. Solution: Update to version 5.0.7 or later. CVSS Score: 4.3 CVSS Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N
Querverweis:	BugTraq ID: 70887 Common Vulnerability Exposure (CVE) ID: CVE-2014-2334 http://www.securityfocus.com/bid/70887 http://secunia.com/advisories/61309 XForce ISS Database: fortimanageranalyzer-cve20142334-xss(98477) https://exchange.xforce.ibmcloud.com/vulnerabilities/98477 Common Vulnerability Exposure (CVE) ID: CVE-2014-2335 XForce ISS Database: fortimanageranalyzer-cve20142335-xss(98478) https://exchange.xforce.ibmcloud.com/vulnerabilities/98478 Common Vulnerability Exposure (CVE) ID: CVE-2014-2336 BugTraq ID: 70889 http://www.securityfocus.com/bid/70889 XForce ISS Database: fortimanageranalyzer-cve20142336-xss(98479) https://exchange.xforce.ibmcloud.com/vulnerabilities/98479
Copyright	Copyright (C) 2015 Greenbone Networks GmbH

Dies ist nur einer von 99761 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.