{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2014-10-30T00:00:00", "descriptions": [{"lang": "en", "value": "Multiple cross-site scripting (XSS) vulnerabilities in the Web User Interface in Fortinet FortiManager before 5.0.7 and FortiAnalyzer before 5.0.7 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2014-2334 and CVE-2014-2335."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-08-28T12:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "http://www.fortiguard.com/advisory/FG-IR-14-033/"}, {"name": "70889", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/70889"}, {"name": "61309", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/61309"}, {"name": "fortimanageranalyzer-cve20142336-xss(98479)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/98479"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2014-2336", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Multiple cross-site scripting (XSS) vulnerabilities in the Web User Interface in Fortinet FortiManager before 5.0.7 and FortiAnalyzer before 5.0.7 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2014-2334 and CVE-2014-2335."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "http://www.fortiguard.com/advisory/FG-IR-14-033/", "refsource": "CONFIRM", "url": "http://www.fortiguard.com/advisory/FG-IR-14-033/"}, {"name": "70889", "refsource": "BID", "url": "http://www.securityfocus.com/bid/70889"}, {"name": "61309", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/61309"}, {"name": "fortimanageranalyzer-cve20142336-xss(98479)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/98479"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T10:14:25.153Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://www.fortiguard.com/advisory/FG-IR-14-033/"}, {"name": "70889", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/70889"}, {"name": "61309", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/61309"}, {"name": "fortimanageranalyzer-cve20142336-xss(98479)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/98479"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2014-2336", "datePublished": "2014-10-31T14:00:00", "dateReserved": "2014-03-12T00:00:00", "dateUpdated": "2024-08-06T10:14:25.153Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:h:fortinet:fortimanager:*:*:*:*:*:*:*:*", "matchCriteriaId": "753B3D8D-B699-4F54-B8D7-0F2938CA1812", "versionEndIncluding": "5.0.6", "vulnerable": true}, {"criteria": "cpe:2.3:o:fortinet:fortianalyzer_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "ABDA1EDD-39A5-43F8-8C65-989A2BFD45EA", "versionEndIncluding": "5.0.6", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Multiple cross-site scripting (XSS) vulnerabilities in the Web User Interface in Fortinet FortiManager before 5.0.7 and FortiAnalyzer before 5.0.7 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2014-2334 and CVE-2014-2335."}, {"lang": "es", "value": "M\u00faltiples vulnerabilidades de XSS en la interfaz del usuario de web en Fortinet FortiManager anterior a 5.0.7 y FortiAnalyzer anterior a 5.0.7 permiten a atacantes remotos inyectar secuencias de comandos web o HTML arbitrarios a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2014-2334 y CVE-2014-2335."}], "id": "CVE-2014-2336", "lastModified": "2025-04-12T10:46:40.837", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true}]}, "published": "2014-10-31T14:55:02.907", "references": [{"source": "cve@mitre.org", "url": "http://secunia.com/advisories/61309"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://www.fortiguard.com/advisory/FG-IR-14-033/"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/70889"}, {"source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/98479"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/61309"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://www.fortiguard.com/advisory/FG-IR-14-033/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/70889"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/98479"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-79"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}