{"vuid":"VU#667340","idnumber":"667340","name":"Fortinet FortiADC D-series contains a cross-site scripting vulnerability","keywords":["fortinet","fortiadc","xss","cross-site scripting","cwe-79"],"overview":"Fortinet FortiADC D-series 3.2.0, and possibly earlier versions, contains a cross-site scripting vulnerability. (CWE-79)","clean_desc":"CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')\nFortinet FortiADC D-series 3.2.0, and possibly earlier versions, contains a cross-site scripting vulnerability. The \"locale\" parameter in the \"/FortiADC/gui_partA/?locale=en\" page is vulnerable to a reflected cross-site scripting attack.","impact":"A remote unauthenticated attacker may be able to execute arbitrary script in the context of the end-user's browser session.","resolution":"Apply an update: FortiADC D-series 3.2.1 has been released to address this vulnerability.","workarounds":"Restrict access: As a general good security practice, only allow connections from trusted hosts and networks. Note that restricting access does not prevent XSS attacks, since the attack arrives as an HTTP request from a legitimate user's host.\nRestricting access would prevent an attacker from accessing the FortiADC interface using stolen credentials from a blocked network location.","sysaffected":"","thanks":"Thanks to William Costa for reporting this vulnerability.","author":"This document was written by Jared Allar.","public":["http://www.fortiguard.com/advisory/FG-IR-14-004/","http://cwe.mitre.org/data/definitions/79.html","http://www.fortinet.com/products/fortiadc/index.html","http://seclists.org/fulldisclosure/2014/Apr/53"],"cveids":["CVE-2014-0331"],"certadvisory":"","uscerttechnicalalert":null,"datecreated":"2014-02-06T13:40:15Z","publicdate":"2014-04-11T00:00:00Z","datefirstpublished":"2014-04-11T18:44:20Z","dateupdated":"2014-04-15T19:58:50Z","revision":24,"vrda_d1_directreport":"1","vrda_d1_population":"3","vrda_d1_impact":"3","cam_widelyknown":"0","cam_exploitation":"0","cam_internetinfrastructure":"0","cam_population":"0","cam_impact":"0","cam_easeofexploitation":"0","cam_attackeraccessrequired":"0","cam_scorecurrent":"0","cam_scorecurrentwidelyknown":"0","cam_scorecurrentwidelyknownexploited":"0","ipprotocol":"","cvss_accessvector":"N","cvss_accesscomplexity":"M","cvss_authentication":null,"cvss_confidentialityimpact":"P","cvss_integrityimpact":"N","cvss_availabilityimpact":"N","cvss_exploitablity":null,"cvss_remediationlevel":"W","cvss_reportconfidence":"C","cvss_collateraldamagepotential":"ND","cvss_targetdistribution":"M","cvss_securityrequirementscr":"ND","cvss_securityrequirementsir":"ND","cvss_securityrequirementsar":"ND","cvss_basescore":"4.3","cvss_basevector":"AV:N/AC:M/Au:N/C:P/I:N/A:N","cvss_temporalscore":"3.7","cvss_environmentalscore":"2.7548920287","cvss_environmentalvector":"CDP:ND/TD:M/CR:ND/IR:ND/AR:ND","metric":0.0,"vulnote":null}