Vulnerability Details CVE-2013-6826
cgi-bin/module//sysmanager/admin/SYSAdminUserDialog in Fortinet FortiAnalyzer before 5.0.5 does not properly validate the csrf_token parameter, which allows remote attackers to perform cross-site request forgery (CSRF) attacks.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.003
EPSS Ranking 50.5%
CVSS Severity
CVSS v2 Score 6.8
References
Products affected by CVE-2013-6826
-
cpe:2.3:h:fortinet:fortianalyzer-1000d:-
-
cpe:2.3:h:fortinet:fortianalyzer-2000b:-
-
cpe:2.3:h:fortinet:fortianalyzer-200d:-
-
cpe:2.3:h:fortinet:fortianalyzer-3000d:-
-
cpe:2.3:h:fortinet:fortianalyzer-300d:-
-
cpe:2.3:h:fortinet:fortianalyzer-4000b:-
-
cpe:2.3:o:fortinet:fortianalyzer_firmware:5.0.0
-
cpe:2.3:o:fortinet:fortianalyzer_firmware:5.0.1
-
cpe:2.3:o:fortinet:fortianalyzer_firmware:5.0.4