CVE-2013-1414: CSRF

First published: Mon Jul 08 2013(Updated: )

Multiple cross-site request forgery (CSRF) vulnerabilities in Fortinet FortiOS on FortiGate firewall devices before 4.3.13 and 5.x before 5.0.2 allow remote attackers to hijack the authentication of administrators for requests that modify (1) settings or (2) policies, or (3) restart the device via a rebootme action to system/maintenance/shutdown.

Credit: cve@mitre.org

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

• agent/type
• agent/last-modified-date
• agent/first-publish-date
• agent/references
• agent/author
• agent/severity
• agent/weakness
• agent/description
• agent/event
• agent/tags
• agent/softwarecombine
• collector/nvd-index
• agent/software-canonical-lookup-request
• vendor/fortinet
• canonical/fortinet fortios ips engine
• version/fortinet fortios ips engine/4.3.12
• version/fortinet fortios ips engine/4.3.10
• version/fortinet fortios ips engine/5.0
• version/fortinet fortios ips engine/5.0.1
• canonical/fortinet fortigate-1000c
• canonical/fortinet fortigate-100d
• canonical/fortinet fortigate-110c
• canonical/fortinet fortigate-1240b
• canonical/fortinet fortigate-200b
• canonical/fortinet fortigate-20c
• canonical/fortinet fortigate-300c
• canonical/fortinet fortigate
• canonical/fortinet fortigate-310b
• canonical/fortinet fortigate-311b
• canonical/fortinet fortigate-3140b
• canonical/fortinet fortigate-3240c
• canonical/fortinet fortigate-3810a
• canonical/fortinet fortigate-40c
• canonical/fortinet fortigate-5001a
• canonical/fortinet fortigate-5001b
• canonical/fortinet fortigate-5101c
• canonical/fortinet fortigate-5140b
• canonical/fortinet fortigate-60c
• canonical/fortinet fortigate-620b
• canonical/fortinet fortigate-800c
• canonical/fortinet fortigate-voice-80c
• canonical/fortinet fortigate rugged-100c