Multiple cross-site request forgery (CSRF) vulnerabilities in Fortinet FortiOS on FortiGate firewall devices before 4.3.13 and 5.x before 5.0.2 allow remote attackers to hijack the authentication of administrators for requests that modify (1) settings or (2) policies, or (3) restart the device via a rebootme action to system/maintenance/shutdown.
CVSS v2.0 Score
5.1 / 10.0 (MEDIUM)
Vector: AV:N/AC:H/Au:N/C:P/I:P/A:P
Information
- Published: 8 Jul 2013
- Updated: 29 Apr 2026
- Status: Modified
- Source: cve@mitre.org
Affected products
fortinet fortios
Versions: 4.3.12, 4.3.10, 5.0, 5.0.1
fortinet fortigate-1000c
fortinet fortigate-100d
fortinet fortigate-110c
fortinet fortigate-1240b
fortinet fortigate-200b
fortinet fortigate-20c
fortinet fortigate-300c
Weaknesses (CWE)
CWE-352