vulnerability

Fortinet FortiManager: CVE-2015-3615: Multiple Vulnerabilities in FortiManager

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
4	(AV:N/AC:M/Au:S/C:N/I:P/A:N)	Aug 11, 2017	Feb 12, 2018	Feb 12, 2018

Severity

CVSS

(AV:N/AC:M/Au:S/C:N/I:P/A:N)

Published

Aug 11, 2017

Added

Feb 12, 2018

Modified

Feb 12, 2018

Description

Cross-site scripting (XSS) vulnerability in Fortinet FortiManager 5.0.x before 5.0.11, 5.2.x before 5.2.2 allows remote authenticated users to inject arbitrary web script or HTML via vectors involving unspecified parameters and a privilege escalation attack.

Solutions

fortimanager-cve-2015-3615-1fortimanager-cve-2015-3615-2

References

BID-74444
CVE-2015-3615
https://attackerkb.com/topics/CVE-2015-3615
http://www.securityfocus.com/bid/74444
http://www.securitytracker.com/id/1032188
https://fortiguard.com/psirt/FG-IR-15-011

Rapid7 Labs

2026 Global Threat Landscape Report

The predictive window has collapsed. Exploitation follows disclosure in days. See how attackers are accelerating and how to stay ahead.

Get report