CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2017-14186

A Cross-site Scripting (XSS) vulnerability in Fortinet FortiOS 6.0.0 to 6.0.4, 5.6.0 to 5.6.7, 5.4 and below versions under SSL VPN web portal allows a remote user to inject arbitrary web script or HTML in the context of the victim's browser via the login redir parameter. An URL Redirection attack may also be feasible by injecting an external URL via the affected parameter.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.041

EPSS Ranking 88.0%

CVSS Severity

CVSS v3 Score 5.4

CVSS v2 Score 3.5

References

Products affected by CVE-2017-14186

Fortinet » Fortios » Version: 3.1.0

cpe:2.3:o:fortinet:fortios:3.1.0
Fortinet » Fortios » Version: 3.2.0

cpe:2.3:o:fortinet:fortios:3.2.0
Fortinet » Fortios » Version: 3.3.0

cpe:2.3:o:fortinet:fortios:3.3.0
Fortinet » Fortios » Version: 3.3.10

cpe:2.3:o:fortinet:fortios:3.3.10
Fortinet » Fortios » Version: 3.3.11

cpe:2.3:o:fortinet:fortios:3.3.11
Fortinet » Fortios » Version: 3.3.12

cpe:2.3:o:fortinet:fortios:3.3.12
Fortinet » Fortios » Version: 3.3.13

cpe:2.3:o:fortinet:fortios:3.3.13
Fortinet » Fortios » Version: 3.3.14

cpe:2.3:o:fortinet:fortios:3.3.14
Fortinet » Fortios » Version: 3.3.3

cpe:2.3:o:fortinet:fortios:3.3.3
Fortinet » Fortios » Version: 3.3.5

cpe:2.3:o:fortinet:fortios:3.3.5
Fortinet » Fortios » Version: 3.3.6

cpe:2.3:o:fortinet:fortios:3.3.6
Fortinet » Fortios » Version: 3.3.7

cpe:2.3:o:fortinet:fortios:3.3.7
Fortinet » Fortios » Version: 3.3.8

cpe:2.3:o:fortinet:fortios:3.3.8
Fortinet » Fortios » Version: 3.3.9

cpe:2.3:o:fortinet:fortios:3.3.9
Fortinet » Fortios » Version: 3.4.0

cpe:2.3:o:fortinet:fortios:3.4.0
Fortinet » Fortios » Version: 3.4.1

cpe:2.3:o:fortinet:fortios:3.4.1
Fortinet » Fortios » Version: 3.4.2

cpe:2.3:o:fortinet:fortios:3.4.2
Fortinet » Fortios » Version: 3.4.3

cpe:2.3:o:fortinet:fortios:3.4.3
Fortinet » Fortios » Version: 3.4.4

cpe:2.3:o:fortinet:fortios:3.4.4
Fortinet » Fortios » Version: 3.4.5

cpe:2.3:o:fortinet:fortios:3.4.5
Fortinet » Fortios » Version: 3.5.0

cpe:2.3:o:fortinet:fortios:3.5.0
Fortinet » Fortios » Version: 3.5.1

cpe:2.3:o:fortinet:fortios:3.5.1
Fortinet » Fortios » Version: 3.5.2

cpe:2.3:o:fortinet:fortios:3.5.2
Fortinet » Fortios » Version: 3.5.3

cpe:2.3:o:fortinet:fortios:3.5.3
Fortinet » Fortios » Version: 3.5.4

cpe:2.3:o:fortinet:fortios:3.5.4
Fortinet » Fortios » Version: 3.5.5

cpe:2.3:o:fortinet:fortios:3.5.5
Fortinet » Fortios » Version: 3.5.6

cpe:2.3:o:fortinet:fortios:3.5.6
Fortinet » Fortios » Version: 3.5.7

cpe:2.3:o:fortinet:fortios:3.5.7
Fortinet » Fortios » Version: 3.6.0

cpe:2.3:o:fortinet:fortios:3.6.0
Fortinet » Fortios » Version: 3.6.1

cpe:2.3:o:fortinet:fortios:3.6.1
Fortinet » Fortios » Version: 3.6.2

cpe:2.3:o:fortinet:fortios:3.6.2
Fortinet » Fortios » Version: 3.6.3

cpe:2.3:o:fortinet:fortios:3.6.3
Fortinet » Fortios » Version: 3.6.4

cpe:2.3:o:fortinet:fortios:3.6.4
Fortinet » Fortios » Version: 3.6.5

cpe:2.3:o:fortinet:fortios:3.6.5
Fortinet » Fortios » Version: 3.6.6

cpe:2.3:o:fortinet:fortios:3.6.6
Fortinet » Fortios » Version: 3.7.0

cpe:2.3:o:fortinet:fortios:3.7.0
Fortinet » Fortios » Version: 3.7.1

cpe:2.3:o:fortinet:fortios:3.7.1
Fortinet » Fortios » Version: 3.7.10

cpe:2.3:o:fortinet:fortios:3.7.10
Fortinet » Fortios » Version: 3.7.2

cpe:2.3:o:fortinet:fortios:3.7.2
Fortinet » Fortios » Version: 3.7.3

cpe:2.3:o:fortinet:fortios:3.7.3
Fortinet » Fortios » Version: 3.7.4

cpe:2.3:o:fortinet:fortios:3.7.4
Fortinet » Fortios » Version: 3.7.5

cpe:2.3:o:fortinet:fortios:3.7.5
Fortinet » Fortios » Version: 3.7.6

cpe:2.3:o:fortinet:fortios:3.7.6
Fortinet » Fortios » Version: 3.7.7

cpe:2.3:o:fortinet:fortios:3.7.7
Fortinet » Fortios » Version: 3.7.8

cpe:2.3:o:fortinet:fortios:3.7.8
Fortinet » Fortios » Version: 3.7.9

cpe:2.3:o:fortinet:fortios:3.7.9
Fortinet » Fortios » Version: 4.0.0

cpe:2.3:o:fortinet:fortios:4.0.0
Fortinet » Fortios » Version: 4.0.1

cpe:2.3:o:fortinet:fortios:4.0.1
Fortinet » Fortios » Version: 4.0.2

cpe:2.3:o:fortinet:fortios:4.0.2
Fortinet » Fortios » Version: 4.0.3

cpe:2.3:o:fortinet:fortios:4.0.3
Fortinet » Fortios » Version: 4.0.4

cpe:2.3:o:fortinet:fortios:4.0.4
Fortinet » Fortios » Version: 4.1.0

cpe:2.3:o:fortinet:fortios:4.1.0
Fortinet » Fortios » Version: 4.1.1

cpe:2.3:o:fortinet:fortios:4.1.1
Fortinet » Fortios » Version: 4.1.10

cpe:2.3:o:fortinet:fortios:4.1.10
Fortinet » Fortios » Version: 4.1.11

cpe:2.3:o:fortinet:fortios:4.1.11
Fortinet » Fortios » Version: 4.1.2

cpe:2.3:o:fortinet:fortios:4.1.2
Fortinet » Fortios » Version: 4.1.3

cpe:2.3:o:fortinet:fortios:4.1.3
Fortinet » Fortios » Version: 4.1.4

cpe:2.3:o:fortinet:fortios:4.1.4
Fortinet » Fortios » Version: 4.1.5

cpe:2.3:o:fortinet:fortios:4.1.5
Fortinet » Fortios » Version: 4.1.6

cpe:2.3:o:fortinet:fortios:4.1.6
Fortinet » Fortios » Version: 4.1.7

cpe:2.3:o:fortinet:fortios:4.1.7
Fortinet » Fortios » Version: 4.1.8

cpe:2.3:o:fortinet:fortios:4.1.8
Fortinet » Fortios » Version: 4.1.9

cpe:2.3:o:fortinet:fortios:4.1.9
Fortinet » Fortios » Version: 4.2.0

cpe:2.3:o:fortinet:fortios:4.2.0
Fortinet » Fortios » Version: 4.2.1

cpe:2.3:o:fortinet:fortios:4.2.1
Fortinet » Fortios » Version: 4.2.10

cpe:2.3:o:fortinet:fortios:4.2.10
Fortinet » Fortios » Version: 4.2.11

cpe:2.3:o:fortinet:fortios:4.2.11
Fortinet » Fortios » Version: 4.2.12

cpe:2.3:o:fortinet:fortios:4.2.12
Fortinet » Fortios » Version: 4.2.13

cpe:2.3:o:fortinet:fortios:4.2.13
Fortinet » Fortios » Version: 4.2.14

cpe:2.3:o:fortinet:fortios:4.2.14
Fortinet » Fortios » Version: 4.2.15

cpe:2.3:o:fortinet:fortios:4.2.15
Fortinet » Fortios » Version: 4.2.16

cpe:2.3:o:fortinet:fortios:4.2.16
Fortinet » Fortios » Version: 4.2.2

cpe:2.3:o:fortinet:fortios:4.2.2
Fortinet » Fortios » Version: 4.2.3

cpe:2.3:o:fortinet:fortios:4.2.3
Fortinet » Fortios » Version: 4.2.4

cpe:2.3:o:fortinet:fortios:4.2.4
Fortinet » Fortios » Version: 4.2.5

cpe:2.3:o:fortinet:fortios:4.2.5
Fortinet » Fortios » Version: 4.2.6

cpe:2.3:o:fortinet:fortios:4.2.6
Fortinet » Fortios » Version: 4.2.7

cpe:2.3:o:fortinet:fortios:4.2.7
Fortinet » Fortios » Version: 4.2.8

cpe:2.3:o:fortinet:fortios:4.2.8
Fortinet » Fortios » Version: 4.2.9

cpe:2.3:o:fortinet:fortios:4.2.9
Fortinet » Fortios » Version: 4.3.0

cpe:2.3:o:fortinet:fortios:4.3.0
Fortinet » Fortios » Version: 4.3.1

cpe:2.3:o:fortinet:fortios:4.3.1
Fortinet » Fortios » Version: 4.3.10

cpe:2.3:o:fortinet:fortios:4.3.10
Fortinet » Fortios » Version: 4.3.11

cpe:2.3:o:fortinet:fortios:4.3.11
Fortinet » Fortios » Version: 4.3.12

cpe:2.3:o:fortinet:fortios:4.3.12
Fortinet » Fortios » Version: 4.3.13

cpe:2.3:o:fortinet:fortios:4.3.13
Fortinet » Fortios » Version: 4.3.14

cpe:2.3:o:fortinet:fortios:4.3.14
Fortinet » Fortios » Version: 4.3.15

cpe:2.3:o:fortinet:fortios:4.3.15
Fortinet » Fortios » Version: 4.3.16

cpe:2.3:o:fortinet:fortios:4.3.16
Fortinet » Fortios » Version: 4.3.17

cpe:2.3:o:fortinet:fortios:4.3.17
Fortinet » Fortios » Version: 4.3.18

cpe:2.3:o:fortinet:fortios:4.3.18
Fortinet » Fortios » Version: 4.3.19

cpe:2.3:o:fortinet:fortios:4.3.19
Fortinet » Fortios » Version: 4.3.2

cpe:2.3:o:fortinet:fortios:4.3.2
Fortinet » Fortios » Version: 4.3.3

cpe:2.3:o:fortinet:fortios:4.3.3
Fortinet » Fortios » Version: 4.3.4

cpe:2.3:o:fortinet:fortios:4.3.4
Fortinet » Fortios » Version: 4.3.5

cpe:2.3:o:fortinet:fortios:4.3.5
Fortinet » Fortios » Version: 4.3.6

cpe:2.3:o:fortinet:fortios:4.3.6
Fortinet » Fortios » Version: 4.3.7

cpe:2.3:o:fortinet:fortios:4.3.7
Fortinet » Fortios » Version: 4.3.8

cpe:2.3:o:fortinet:fortios:4.3.8
Fortinet » Fortios » Version: 4.3.9

cpe:2.3:o:fortinet:fortios:4.3.9
Fortinet » Fortios » Version: 5.0

cpe:2.3:o:fortinet:fortios:5.0
Fortinet » Fortios » Version: 5.2.1

cpe:2.3:o:fortinet:fortios:5.2.1
Fortinet » Fortios » Version: 5.2.10

cpe:2.3:o:fortinet:fortios:5.2.10
Fortinet » Fortios » Version: 5.2.11

cpe:2.3:o:fortinet:fortios:5.2.11
Fortinet » Fortios » Version: 5.2.12

cpe:2.3:o:fortinet:fortios:5.2.12
Fortinet » Fortios » Version: 5.2.2

cpe:2.3:o:fortinet:fortios:5.2.2
Fortinet » Fortios » Version: 5.2.3

cpe:2.3:o:fortinet:fortios:5.2.3
Fortinet » Fortios » Version: 5.2.4

cpe:2.3:o:fortinet:fortios:5.2.4
Fortinet » Fortios » Version: 5.2.5

cpe:2.3:o:fortinet:fortios:5.2.5
Fortinet » Fortios » Version: 5.2.6

cpe:2.3:o:fortinet:fortios:5.2.6
Fortinet » Fortios » Version: 5.2.7

cpe:2.3:o:fortinet:fortios:5.2.7
Fortinet » Fortios » Version: 5.2.8

cpe:2.3:o:fortinet:fortios:5.2.8
Fortinet » Fortios » Version: 5.2.9

cpe:2.3:o:fortinet:fortios:5.2.9
Fortinet » Fortios » Version: 5.4.0

cpe:2.3:o:fortinet:fortios:5.4.0
Fortinet » Fortios » Version: 5.4.1

cpe:2.3:o:fortinet:fortios:5.4.1
Fortinet » Fortios » Version: 5.4.2

cpe:2.3:o:fortinet:fortios:5.4.2
Fortinet » Fortios » Version: 5.4.3

cpe:2.3:o:fortinet:fortios:5.4.3
Fortinet » Fortios » Version: 5.4.4

cpe:2.3:o:fortinet:fortios:5.4.4
Fortinet » Fortios » Version: 5.4.5

cpe:2.3:o:fortinet:fortios:5.4.5
Fortinet » Fortios » Version: 5.4.6

cpe:2.3:o:fortinet:fortios:5.4.6
Fortinet » Fortios » Version: 5.6.0

cpe:2.3:o:fortinet:fortios:5.6.0
Fortinet » Fortios » Version: 5.6.1

cpe:2.3:o:fortinet:fortios:5.6.1
Fortinet » Fortios » Version: 5.6.2

cpe:2.3:o:fortinet:fortios:5.6.2

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2017-14186

Products

Pricing

Contact Us