Vulnerability Details CVE-2015-3616
SQL injection vulnerability in Fortinet FortiManager 5.0.x before 5.0.11, 5.2.x before 5.2.2 allows remote attackers to execute arbitrary commands via unspecified parameters.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.008
EPSS Ranking 73.7%
CVSS Severity
CVSS v3 Score 9.8
CVSS v2 Score 7.5
References
Products affected by CVE-2015-3616
-
cpe:2.3:h:fortinet:fortimanager_2000e:-
-
cpe:2.3:h:fortinet:fortimanager_200d:-
-
cpe:2.3:h:fortinet:fortimanager_3000f:-
-
cpe:2.3:h:fortinet:fortimanager_300e:-
-
cpe:2.3:h:fortinet:fortimanager_3900e:-
-
cpe:2.3:h:fortinet:fortimanager_400e:-
-
cpe:2.3:o:fortinet:fortimanager_firmware:5.0.0
-
cpe:2.3:o:fortinet:fortimanager_firmware:5.0.1
-
cpe:2.3:o:fortinet:fortimanager_firmware:5.0.10
-
cpe:2.3:o:fortinet:fortimanager_firmware:5.0.2
-
cpe:2.3:o:fortinet:fortimanager_firmware:5.0.3
-
cpe:2.3:o:fortinet:fortimanager_firmware:5.0.4
-
cpe:2.3:o:fortinet:fortimanager_firmware:5.0.5
-
cpe:2.3:o:fortinet:fortimanager_firmware:5.0.6
-
cpe:2.3:o:fortinet:fortimanager_firmware:5.0.7
-
cpe:2.3:o:fortinet:fortimanager_firmware:5.0.8
-
cpe:2.3:o:fortinet:fortimanager_firmware:5.0.9
-
cpe:2.3:o:fortinet:fortimanager_firmware:5.2.0
-
cpe:2.3:o:fortinet:fortimanager_firmware:5.2.1