CVE-2017-7735

Summary

A Cross-Site Scripting vulnerability in Fortinet FortiOS versions 5.2.0 through 5.2.11 and 5.4.0 through 5.4.4 allows attackers to execute unauthorized code or commands via the "Groups" input while creating or editing User Groups.

Affected Software

VendorProductVersion RangeStatus
Fortinet, Inc.Fortinet FortiOSFortiOS versions 5.2.0 through 5.2.11, and 5.4.0 through 5.4.4affected

Weaknesses

  • Execute unauthorized code or commands

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References