Overview:
A Cross-Site Request Forgery (CSRF) vulnerability in the user interface of Fortinet FortiSIEM 5.2.5 could allow a remote, unauthenticated attacker to perform arbitrary actions using an authenticated user’s session by persuading the victim to follow a malicious link.
Affected Product(s):



Each reference used in CVE has the following structure:


  • SOURCE is an alphanumeric keyword.
    (Examples: “BUGTRAQ”, “OVAL”, etc.)
  • NAME is a single line of ASCII text and can include colons and spaces.
    (Examples: “BUGTRAQ: Posting to Bugtraq mailing list”; “OVAL: Open Vulnerability and Assessment Language (OVAL) vulnerability definition”; etc.)

Where possible, the NAME is selected to facilitate searches on a SOURCE’s website. For references that do not have a well-defined identifier, a release date and/or subject header may be included.

References are typically listed in the order below:

  • Initial announcement
  • Response team advisory
  • Vendor acknowledgement/advisory
  • All other public sources