Overview :
A Cross-Site Request Forgery (CSRF) vulnerability in the user interface of Fortinet FortiSIEM 5.2.5 could allow a remote, unauthenticated attacker to perform arbitrary actions using an authenticated user’s session by persuading the victim to follow a malicious link.
Affected Product(s) :
-
CVE-2019-17653
References :
Each reference used in CVE has the following structure:
SOURCE: NAME
-
SOURCE is an alphanumeric keyword.
(Examples: “BUGTRAQ”, “OVAL”, etc.) -
NAME is a single line of ASCII text and can include colons and spaces.
(Examples: “BUGTRAQ: Posting to Bugtraq mailing list”; “OVAL: Open Vulnerability and Assessment Language (OVAL) vulnerability definition”; etc.)
Where possible, the NAME is selected to facilitate searches on a SOURCE’s website. For references that do not have a well-defined identifier, a release date and/or subject header may be included.
References are typically listed in the order below:
-
Initial announcement
-
Response team advisory
-
Vendor acknowledgement/advisory
-
All other public sources
