mirror of
https://github.com/CVEProject/cvelist.git
synced 2025-07-29 05:56:59 +00:00
74 lines
2.1 KiB
JSON
74 lines
2.1 KiB
JSON
{
|
|
"CVE_data_meta" : {
|
|
"ASSIGNER" : "psirt@fortinet.com",
|
|
"DATE_PUBLIC" : "2017-09-11T00:00:00",
|
|
"ID" : "CVE-2017-7735",
|
|
"STATE" : "PUBLIC"
|
|
},
|
|
"affects" : {
|
|
"vendor" : {
|
|
"vendor_data" : [
|
|
{
|
|
"product" : {
|
|
"product_data" : [
|
|
{
|
|
"product_name" : "Fortinet FortiOS",
|
|
"version" : {
|
|
"version_data" : [
|
|
{
|
|
"version_value" : "FortiOS versions 5.2.0 through 5.2.11, and 5.4.0 through 5.4.4"
|
|
}
|
|
]
|
|
}
|
|
}
|
|
]
|
|
},
|
|
"vendor_name" : "Fortinet, Inc."
|
|
}
|
|
]
|
|
}
|
|
},
|
|
"data_format" : "MITRE",
|
|
"data_type" : "CVE",
|
|
"data_version" : "4.0",
|
|
"description" : {
|
|
"description_data" : [
|
|
{
|
|
"lang" : "eng",
|
|
"value" : "A Cross-Site Scripting vulnerability in Fortinet FortiOS versions 5.2.0 through 5.2.11 and 5.4.0 through 5.4.4 allows attackers to execute unauthorized code or commands via the \"Groups\" input while creating or editing User Groups."
|
|
}
|
|
]
|
|
},
|
|
"problemtype" : {
|
|
"problemtype_data" : [
|
|
{
|
|
"description" : [
|
|
{
|
|
"lang" : "eng",
|
|
"value" : "Execute unauthorized code or commands"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
},
|
|
"references" : {
|
|
"reference_data" : [
|
|
{
|
|
"name" : "https://fortiguard.com/advisory/FG-IR-17-127",
|
|
"refsource" : "CONFIRM",
|
|
"url" : "https://fortiguard.com/advisory/FG-IR-17-127"
|
|
},
|
|
{
|
|
"name" : "99098",
|
|
"refsource" : "BID",
|
|
"url" : "http://www.securityfocus.com/bid/99098"
|
|
},
|
|
{
|
|
"name" : "1038705",
|
|
"refsource" : "SECTRACK",
|
|
"url" : "http://www.securitytracker.com/id/1038705"
|
|
}
|
|
]
|
|
}
|
|
}
|