CVE-2014-2336
Summary
| CVE | CVE-2014-2336 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2014-10-31 14:55:00 UTC |
| Updated | 2017-08-29 01:34:00 UTC |
| Description | Multiple cross-site scripting (XSS) vulnerabilities in the Web User Interface in Fortinet FortiManager before 5.0.7 and FortiAnalyzer before 5.0.7 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2014-2334 and CVE-2014-2335. |
Risk And Classification
Problem Types: CWE-79
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Operating System | Fortinet | Fortianalyzer Firmware | All | All | All | All |
| Hardware | Fortinet | Fortimanager | All | All | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| Security Advisory SA61309 - Fortinet FortiAnalyzer / FortiManager Multiple Cross-Site Scripting Vulnerabilities - Secunia | SECUNIA | secunia.com | |
| FortiGuard.com | Multiple XSS vulnerabilities in FortiManager and FortiAnalyzer Web UI | CONFIRM | www.fortiguard.com | Vendor Advisory |
| Malformed Request | BID | www.securityfocus.com | |
| IBM X-Force Exchange | XF | exchange.xforce.ibmcloud.com | |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.