CVE-2017-3126

EUVD-2017-12267
An Open Redirect vulnerability in Fortinet FortiAnalyzer 5.4.0 through 5.4.2 and FortiManager 5.4.0 through 5.4.2 allows attacker to execute unauthorized code or commands via the next parameter.
Open Redirect
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
6.1 MEDIUM
NETWORK
LOW
NONE
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: 47%
Affected Products (NVD)
VendorProductVersion
fortinetfortianalyzer_firmware
5.4.0
fortinetfortianalyzer_firmware
5.4.1
fortinetfortianalyzer_firmware
5.4.2
fortinetfortimanager_firmware
5.4.0
fortinetfortimanager_firmware
5.4.1
fortinetfortimanager_firmware
5.4.2
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://www.securityfocus.com/bid/98557
http://www.securitytracker.com/id/1038539
http://www.securitytracker.com/id/1038540
https://fortiguard.com/psirt/FG-IR-17-014
http://www.securityfocus.com/bid/98557
http://www.securitytracker.com/id/1038539
http://www.securitytracker.com/id/1038540
https://fortiguard.com/psirt/FG-IR-17-014