CVE-2014-1956
medium
Fortinet CVSS v3 Base Score
5.0
AV:N/AC:L/Au:N/C:N/I:P/A:N
EPSS Score
0.2%
Exploitation probability in 30 days
Top 55% most likely to be exploited
Attack Characteristics
Attack Vector
Network
Attack Complexity
Low
Confidentiality
None
Integrity
P
Availability
None
Vulnerability Report
Generated by CyberWatcher
Description
CRLF injection vulnerability in FortiGuard FortiWeb before 5.0.3 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via unspecified vectors.
CWE
NVD-CWE-OtherAffected Products
fortinet fortiweb