CVE-2017-3126

MEDIUM

Fortinet FortiAnalyzer Firmware - Open Redirect

Title source: rule

Description

An Open Redirect vulnerability in Fortinet FortiAnalyzer 5.4.0 through 5.4.2 and FortiManager 5.4.0 through 5.4.2 allows an attacker to execute unauthorized code or commands via the next parameter.

Scores

CVSS v3 6.1
EPSS 0.0024
EPSS Percentile 47.4%
Attack Vector NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Details

CWE
CWE-601
Status published
Products (8)
fortinet/fortianalyzer_firmware
fortinet/fortianalyzer_firmware
fortinet/fortianalyzer_firmware
fortinet/fortimanager_firmware
fortinet/fortimanager_firmware
fortinet/fortimanager_firmware
Fortinet, Inc./Fortinet FortiAnalyzer, FortiManager < FortiAnalyzer 5.4.2, 5.4.1, 5.4.0
Fortinet, Inc./Fortinet FortiAnalyzer, FortiManager < FortiManager 5.4.2, 5.4.1, 5.4.0
Published May 27, 2017
Tracked Since Feb 18, 2026