Cross-Site Request Forgery (CSRF) vulnerability in the user interface of Fortinet FortiSIEM 5.2.5

Rajaneesh

Overview :

References
A Cross-Site Request Forgery (CSRF) vulnerability in the user interface of Fortinet FortiSIEM 5.2.5 could allow a remote, unauthenticated attacker to perform arbitrary actions using an authenticated user’s session by persuading the victim to follow a malicious link.

Affected Product(s) :

CVE-2019-17653

References:

Each reference used in CVE has the following structure:

SOURCE: NAME

SOURCE is an alphanumeric keyword.
(Examples: “BUGTRAQ”, “OVAL”, etc.)
NAME is a single line of ASCII text and can include colons and spaces.
(Examples: “BUGTRAQ: Posting to Bugtraq mailing list”; “OVAL: Open Vulnerability and Assessment Language (OVAL) vulnerability definition”; etc.)

Where possible, the NAME is selected to facilitate searches on a SOURCE’s website. For references that do not have a well-defined identifier, a release date and/or subject header may be included.

References are typically listed in the order below:

Initial announcement
Response team advisory
Vendor acknowledgement/advisory
All other public sources

CVE-2019-17653

Related Articles

A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server

PRTG Network Monitor before 20.1.57.1745 allows remote unauthenticated attackers