Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2014-1956

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2014-1956
Last Modified 18 Jul 2014 02:38:07
Published 30 Apr 2014 10:22:06
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2014-1956

Summary

CRLF injection vulnerability in FortiGuard FortiWeb before 5.0.3 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via unspecified vectors.

Vulnerable Systems

Application

  • Fortinet Fortiweb 5.0.2


References

CONFIRM - http://www.fortiguard.com/advisory/FG-IR-13-009/


Last Updated: 27 May 2016 11:05:09