CVE-2016-4066

Cross-site request forgery (CSRF) vulnerability in Fortinet FortiWeb before 5.5.3 allows remote attackers to hijack the authentication of administrators for requests that change the password via unspecified vectors.
Configurations

Configuration 1 (hide)

cpe:2.3:a:fortinet:fortiweb:*:*:*:*:*:*:*:*

History

21 Nov 2024, 02:51

Type Values Removed Values Added
References () http://fortiguard.com/advisory/fortiweb-csrf-vulnerability - Vendor Advisory () http://fortiguard.com/advisory/fortiweb-csrf-vulnerability - Vendor Advisory
References () http://www.securityfocus.com/bid/91768 - () http://www.securityfocus.com/bid/91768 -
References () http://www.securitytracker.com/id/1036194 - () http://www.securitytracker.com/id/1036194 -

Information

Published : 2016-07-13 15:59

Updated : 2024-11-21 02:51


NVD link : CVE-2016-4066

Mitre link : CVE-2016-4066

CVE.ORG link : CVE-2016-4066


JSON object : View

Products Affected

fortinet

  • fortiweb
CWE
CWE-352

Cross-Site Request Forgery (CSRF)