{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-24T09:14:45.368","vulnerabilities":[{"cve":{"id":"CVE-2017-7735","sourceIdentifier":"psirt@fortinet.com","published":"2017-09-12T02:29:00.420","lastModified":"2025-04-20T01:37:25.860","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"A Cross-Site Scripting vulnerability in Fortinet FortiOS versions 5.2.0 through 5.2.11 and 5.4.0 through 5.4.4 allows attackers to execute unauthorized code or commands via the \"Groups\" input while creating or editing User Groups."},{"lang":"es","value":"Una vulnerabilidad de tipo Cross-Site Scripting en Fortinet FortiOS desde la versión 5.2.0 hasta la 5.2.11 y 5.4.0 hasta la 5.4.4 permite que atacantes remotos ejecuten código o comandos sin autorización mediante la entrada \"Groups\" al crear o editar grupos de usuarios."}],"metrics":{"cvssMetricV30":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N","baseScore":5.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.3,"impactScore":2.7}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:S/C:N/I:P/A:N","baseScore":3.5,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"SINGLE","confidentialityImpact":"NONE","integrityImpact":"PARTIAL","availabilityImpact":"NONE"},"baseSeverity":"LOW","exploitabilityScore":6.8,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:fortinet:fortios:5.2.0:*:*:*:*:*:*:*","matchCriteriaId":"7E627C59-7C16-44F0-800D-A2E8A766B26D"},{"vulnerable":true,"criteria":"cpe:2.3:o:fortinet:fortios:5.2.1:*:*:*:*:*:*:*","matchCriteriaId":"233236FA-BB13-4261-BE2E-3E617406DC53"},{"vulnerable":true,"criteria":"cpe:2.3:o:fortinet:fortios:5.2.2:*:*:*:*:*:*:*","matchCriteriaId":"27844CC9-498B-4A65-91AC-AC130222EE5F"},{"vulnerable":true,"criteria":"cpe:2.3:o:fortinet:fortios:5.2.3:*:*:*:*:*:*:*","matchCriteriaId":"27B4C672-7ED5-4113-87AE-5774D1263C0B"},{"vulnerable":true,"criteria":"cpe:2.3:o:fortinet:fortios:5.2.4:*:*:*:*:*:*:*","matchCriteriaId":"2CBEA3AA-AE46-4A55-91EE-9ADC187BF614"},{"vulnerable":true,"criteria":"cpe:2.3:o:fortinet:fortios:5.2.5:*:*:*:*:*:*:*","matchCriteriaId":"05CB7A90-91BC-49AF-9B5C-EBD212484C64"},{"vulnerable":true,"criteria":"cpe:2.3:o:fortinet:fortios:5.2.6:*:*:*:*:*:*:*","matchCriteriaId":"864D3221-177B-43CE-BD7D-CB14A110268E"},{"vulnerable":true,"criteria":"cpe:2.3:o:fortinet:fortios:5.2.7:*:*:*:*:*:*:*","matchCriteriaId":"31C186D6-6AC5-49EB-A701-C91358B4A25F"},{"vulnerable":true,"criteria":"cpe:2.3:o:fortinet:fortios:5.2.8:*:*:*:*:*:*:*","matchCriteriaId":"DAC9F6C4-F887-4F25-87BD-383F6CF39806"},{"vulnerable":true,"criteria":"cpe:2.3:o:fortinet:fortios:5.2.9:*:*:*:*:*:*:*","matchCriteriaId":"F8558962-7A19-4F4A-BED0-9CB5D4CFC422"},{"vulnerable":true,"criteria":"cpe:2.3:o:fortinet:fortios:5.2.10:*:*:*:*:*:*:*","matchCriteriaId":"EC63D521-EC88-4B13-BC73-3284F3FCF3A4"},{"vulnerable":true,"criteria":"cpe:2.3:o:fortinet:fortios:5.2.11:*:*:*:*:*:*:*","matchCriteriaId":"DB756AF8-F9D2-472E-867B-C04D11F62FA5"},{"vulnerable":true,"criteria":"cpe:2.3:o:fortinet:fortios:5.4.0:*:*:*:*:*:*:*","matchCriteriaId":"1668AE14-D9A4-4B7D-BC3F-75885792875A"},{"vulnerable":true,"criteria":"cpe:2.3:o:fortinet:fortios:5.4.1:*:*:*:*:*:*:*","matchCriteriaId":"9E0F3B9B-A06F-4A96-B2E7-9DC56E629182"},{"vulnerable":true,"criteria":"cpe:2.3:o:fortinet:fortios:5.4.2:*:*:*:*:*:*:*","matchCriteriaId":"50F8AE97-A647-4A37-8EF2-BC0BBCC8EADD"},{"vulnerable":true,"criteria":"cpe:2.3:o:fortinet:fortios:5.4.3:*:*:*:*:*:*:*","matchCriteriaId":"377A2F0B-2A58-4C2C-B546-3178B353484B"},{"vulnerable":true,"criteria":"cpe:2.3:o:fortinet:fortios:5.4.4:*:*:*:*:*:*:*","matchCriteriaId":"20EBDFD4-45A0-47CC-817E-48E84F945402"}]}]}],"references":[{"url":"http://www.securityfocus.com/bid/99098","source":"psirt@fortinet.com","tags":["Third Party Advisory","VDB Entry"]},{"url":"http://www.securitytracker.com/id/1038705","source":"psirt@fortinet.com","tags":["Third Party Advisory","VDB Entry"]},{"url":"https://fortiguard.com/advisory/FG-IR-17-127","source":"psirt@fortinet.com","tags":["Mitigation","Vendor Advisory"]},{"url":"http://www.securityfocus.com/bid/99098","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory","VDB Entry"]},{"url":"http://www.securitytracker.com/id/1038705","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory","VDB Entry"]},{"url":"https://fortiguard.com/advisory/FG-IR-17-127","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Mitigation","Vendor Advisory"]}]}}]}