Description
Multiple cross-site request forgery (CSRF) vulnerabilities in Fortinet FortiOS on FortiGate firewall devices before 4.3.13 and 5.x before 5.0.2 allow remote attackers to hijack the authentication of administrators for requests that modify (1) settings or (2) policies, or (3) restart the device via a rebootme action to system/maintenance/shutdown.
Published: 2013-07-08
Score: 5.1 Medium
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

No analysis available yet.

Remediation

No remediation available yet.

Tracking

Sign in to view the affected projects.

Advisories
Source ID Title
EUVD EUVD EUVD-2013-1452 Multiple cross-site request forgery (CSRF) vulnerabilities in Fortinet FortiOS on FortiGate firewall devices before 4.3.13 and 5.x before 5.0.2 allow remote attackers to hijack the authentication of administrators for requests that modify (1) settings or (2) policies, or (3) restart the device via a rebootme action to system/maintenance/shutdown.
References
Link Providers
http://www.exploit-db.com/exploits/26528/ cve-icon cve-icon
History

No history.

Subscriptions

Fortinet Fortigate-1000c Fortigate-100d Fortigate-110c Fortigate-1240b Fortigate-200b Fortigate-20c Fortigate-300c Fortigate-3040b Fortigate-310b Fortigate-311b Fortigate-3140b Fortigate-3240c Fortigate-3810a Fortigate-3950b Fortigate-40c Fortigate-5001a-sw Fortigate-5001b Fortigate-5020 Fortigate-5060 Fortigate-50b Fortigate-5101c Fortigate-5140b Fortigate-600c Fortigate-60c Fortigate-620b Fortigate-800c Fortigate-80c Fortigate-voice-80c Fortigaterugged-100c Fortios
cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published:

Updated: 2024-09-16T20:16:50.095Z

Reserved: 2013-01-24T00:00:00.000Z

Link: CVE-2013-1414

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Deferred

Published: 2013-07-08T17:55:02.783

Modified: 2025-04-11T00:51:21.963

Link: CVE-2013-1414

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

No data.

Weaknesses