{"vuid":"VU#902790","idnumber":"902790","name":"Fortinet Fortiweb 5.1 contains a cross-site request forgery vulnerability","keywords":["fortinet","fortiweb","csrf","cwe-352"],"overview":"Fortinet Fortiweb prior to version 5.2.0 does not sufficiently verify whether a valid request was intentionally provided by the user, which results in a cross-site request forgery (CSRF) vulnerability. (CWE-352)","clean_desc":"CWE-352: Cross-Site Request Forgery (CSRF)\nFortinet Fortiweb prior to version 5.2.0 does not sufficiently verify whether a valid request was intentionally provided by the user. The cross-site request forgery (CSRF) vulnerability lies in /system/config/adminadd.","impact":"A remote unauthenticated attacker may be able to trick an authenticated user into making an unintentional request to the web server via a URL, image load, XMLHttpRequest, etc., which will be treated as an authentic request and may result in information leakage or code execution.","resolution":"Apply an update. Fortiweb 5.2.0 has been released to address several CSRF vulnerabilities, including this one.","workarounds":"","sysaffected":"","thanks":"Thanks to William Costa for reporting this vulnerability.","author":"This document was written by Jared Allar.","public":["http://www.fortiguard.com/advisory/FG-IR-14-013/","http://cwe.mitre.org/data/definitions/352.html","http://www.fortinet.com/products/fortiweb/"],"cveids":["CVE-2014-3115"],"certadvisory":"","uscerttechnicalalert":null,"datecreated":"2013-11-12T13:33:48Z","publicdate":"2014-05-02T00:00:00Z","datefirstpublished":"2014-05-07T14:11:24Z","dateupdated":"2014-05-07T14:11:27Z","revision":14,"vrda_d1_directreport":"1","vrda_d1_population":"1","vrda_d1_impact":"1","cam_widelyknown":"0","cam_exploitation":"0","cam_internetinfrastructure":"0","cam_population":"0","cam_impact":"0","cam_easeofexploitation":"0","cam_attackeraccessrequired":"0","cam_scorecurrent":"0","cam_scorecurrentwidelyknown":"0","cam_scorecurrentwidelyknownexploited":"0","ipprotocol":"","cvss_accessvector":"N","cvss_accesscomplexity":"M","cvss_authentication":null,"cvss_confidentialityimpact":"P","cvss_integrityimpact":"P","cvss_availabilityimpact":"N","cvss_exploitablity":null,"cvss_remediationlevel":"OF","cvss_reportconfidence":"C","cvss_collateraldamagepotential":"L","cvss_targetdistribution":"L","cvss_securityrequirementscr":"M","cvss_securityrequirementsir":"M","cvss_securityrequirementsar":"L","cvss_basescore":"5.8","cvss_basevector":"AV:N/AC:M/Au:N/C:P/I:P/A:N","cvss_temporalscore":"4.5","cvss_environmentalscore":"1.26487305491425","cvss_environmentalvector":"CDP:L/TD:L/CR:M/IR:M/AR:L","metric":0.0,"vulnote":null}