What is the severity of CVE-2016-3193?

CVE-2016-3193 has been assigned a medium severity rating due to its potential for exploitation through cross-site scripting.

How do I fix CVE-2016-3193?

To fix CVE-2016-3193, update FortiManager to version 5.0.12 or higher, 5.2.6 or higher, or 5.4.1 or higher, and FortiAnalyzer to the respective patched versions.

Who is affected by CVE-2016-3193?

CVE-2016-3193 affects remote authenticated users of Fortinet FortiManager and FortiAnalyzer versions prior to the specified patched versions.

What is the attack vector for CVE-2016-3193?

The attack vector for CVE-2016-3193 involves remote authenticated users being able to inject arbitrary web script or HTML.

What kind of vulnerability is CVE-2016-3193?

CVE-2016-3193 is classified as a persistent cross-site scripting (XSS) vulnerability.

Vulnerability/
CVE-2016-3193

medium

5.4

CWE

19/8/2016

5/8/2024

CVE-2016-3193: XSS

First published: Fri Aug 19 2016(Updated: )

Cross-site scripting (XSS) vulnerability in the appliance web-application in Fortinet FortiManager 5.x before 5.0.12, 5.2.x before 5.2.6, and 5.4.x before 5.4.1 and FortiAnalyzer 5.x before 5.0.13, 5.2.x before 5.2.6, and 5.4.x before 5.4.1 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.

Credit: cve@mitre.org

Affected Software	Affected Version	How to fix
Fortinet Fortimanager Firmware	=5.0.0
Fortinet Fortimanager Firmware	=5.0.1
Fortinet Fortimanager Firmware	=5.0.2
Fortinet Fortimanager Firmware	=5.0.3
Fortinet Fortimanager Firmware	=5.0.4
Fortinet Fortimanager Firmware	=5.0.5
Fortinet Fortimanager Firmware	=5.0.6
Fortinet Fortimanager Firmware	=5.0.7
Fortinet Fortimanager Firmware	=5.0.8
Fortinet Fortimanager Firmware	=5.0.9
Fortinet Fortimanager Firmware	=5.0.10
Fortinet Fortimanager Firmware	=5.0.11
Fortinet Fortimanager Firmware	=5.2.0
Fortinet Fortimanager Firmware	=5.2.1
Fortinet Fortimanager Firmware	=5.2.2
Fortinet Fortimanager Firmware	=5.2.3
Fortinet Fortimanager Firmware	=5.2.4
Fortinet Fortimanager Firmware	=5.2.5
Fortinet Fortimanager Firmware	=5.4.0
Fortinet Fortianalyzer Firmware	=5.0.0
Fortinet Fortianalyzer Firmware	=5.0.2
Fortinet Fortianalyzer Firmware	=5.0.3
Fortinet Fortianalyzer Firmware	=5.0.4
Fortinet Fortianalyzer Firmware	=5.0.5
Fortinet Fortianalyzer Firmware	=5.0.6
Fortinet Fortianalyzer Firmware	=5.0.7
Fortinet Fortianalyzer Firmware	=5.0.8
Fortinet Fortianalyzer Firmware	=5.0.9
Fortinet Fortianalyzer Firmware	=5.0.10
Fortinet Fortianalyzer Firmware	=5.0.11
Fortinet Fortianalyzer Firmware	=5.0.12
Fortinet Fortianalyzer Firmware	=5.2.0
Fortinet Fortianalyzer Firmware	=5.2.1
Fortinet Fortianalyzer Firmware	=5.2.2
Fortinet Fortianalyzer Firmware	=5.2.3
Fortinet Fortianalyzer Firmware	=5.2.4
Fortinet Fortianalyzer Firmware	=5.2.5
Fortinet Fortianalyzer Firmware	=5.4.0

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2016-3193?
CVE-2016-3193 has been assigned a medium severity rating due to its potential for exploitation through cross-site scripting.
How do I fix CVE-2016-3193?
To fix CVE-2016-3193, update FortiManager to version 5.0.12 or higher, 5.2.6 or higher, or 5.4.1 or higher, and FortiAnalyzer to the respective patched versions.
Who is affected by CVE-2016-3193?
CVE-2016-3193 affects remote authenticated users of Fortinet FortiManager and FortiAnalyzer versions prior to the specified patched versions.
What is the attack vector for CVE-2016-3193?
The attack vector for CVE-2016-3193 involves remote authenticated users being able to inject arbitrary web script or HTML.
What kind of vulnerability is CVE-2016-3193?
CVE-2016-3193 is classified as a persistent cross-site scripting (XSS) vulnerability.

collector/nvd-index
agent/type
collector/mitre-cve
source/MITRE
agent/severity
agent/weakness
agent/references
agent/author
agent/last-modified-date
agent/softwarecombine
agent/first-publish-date
agent/event
agent/description
agent/tags
agent/source
vendor/fortinet
canonical/fortinet fortimanager firmware
version/fortinet fortimanager firmware/5.0.0
version/fortinet fortimanager firmware/5.0.1
version/fortinet fortimanager firmware/5.0.2
version/fortinet fortimanager firmware/5.0.3
version/fortinet fortimanager firmware/5.0.4
version/fortinet fortimanager firmware/5.0.5
version/fortinet fortimanager firmware/5.0.6
version/fortinet fortimanager firmware/5.0.7
version/fortinet fortimanager firmware/5.0.8
version/fortinet fortimanager firmware/5.0.9
version/fortinet fortimanager firmware/5.0.10
version/fortinet fortimanager firmware/5.0.11
version/fortinet fortimanager firmware/5.2.0
version/fortinet fortimanager firmware/5.2.1
version/fortinet fortimanager firmware/5.2.2
version/fortinet fortimanager firmware/5.2.3
version/fortinet fortimanager firmware/5.2.4
version/fortinet fortimanager firmware/5.2.5
version/fortinet fortimanager firmware/5.4.0
canonical/fortinet fortianalyzer firmware
version/fortinet fortianalyzer firmware/5.0.0
version/fortinet fortianalyzer firmware/5.0.2
version/fortinet fortianalyzer firmware/5.0.3
version/fortinet fortianalyzer firmware/5.0.4
version/fortinet fortianalyzer firmware/5.0.5
version/fortinet fortianalyzer firmware/5.0.6
version/fortinet fortianalyzer firmware/5.0.7
version/fortinet fortianalyzer firmware/5.0.8
version/fortinet fortianalyzer firmware/5.0.9
version/fortinet fortianalyzer firmware/5.0.10
version/fortinet fortianalyzer firmware/5.0.11
version/fortinet fortianalyzer firmware/5.0.12
version/fortinet fortianalyzer firmware/5.2.0
version/fortinet fortianalyzer firmware/5.2.1
version/fortinet fortianalyzer firmware/5.2.2
version/fortinet fortianalyzer firmware/5.2.3
version/fortinet fortianalyzer firmware/5.2.4
version/fortinet fortianalyzer firmware/5.2.5
version/fortinet fortianalyzer firmware/5.4.0

CVE-2016-3193: XSS

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2016-3193?

How do I fix CVE-2016-3193?

Who is affected by CVE-2016-3193?

What is the attack vector for CVE-2016-3193?

What kind of vulnerability is CVE-2016-3193?

Company

Resources

Contact

Frequently Asked Questions

What is the severity of CVE-2016-3193?

How do I fix CVE-2016-3193?

Who is affected by CVE-2016-3193?

What is the attack vector for CVE-2016-3193?

What kind of vulnerability is CVE-2016-3193?