Search
Total
25 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-41678 | 1 Fortinet | 2 Fortios, Fortipam | 2023-12-15 | N/A | 8.8 HIGH |
| A double free in Fortinet FortiOS versions 7.0.0 through 7.0.5, FortiPAM version 1.0.0 through 1.0.3, 1.1.0 through 1.1.1 allows attacker to execute unauthorized code or commands via specifically crafted request. | |||||
| CVE-2023-36639 | 1 Fortinet | 3 Fortios, Fortipam, Fortiproxy | 2023-12-15 | N/A | 8.8 HIGH |
| A use of externally-controlled format string in Fortinet FortiProxy versions 7.2.0 through 7.2.4, 7.0.0 through 7.0.10, FortiOS versions 7.4.0, 7.2.0 through 7.2.4, 7.0.0 through 7.0.11, 6.4.0 through 6.4.12, 6.2.0 through 6.2.15, 6.0.0 through 6.0.17, FortiPAM versions 1.0.0 through 1.0.3 allows attacker to execute unauthorized code or commands via specially crafted API requests. | |||||
| CVE-2022-30307 | 1 Fortinet | 1 Fortios | 2023-08-08 | N/A | 8.1 HIGH |
| A key management error vulnerability [CWE-320] affecting the RSA SSH host key in FortiOS 7.2.0 and below, 7.0.6 and below, 6.4.9 and below may allow an unauthenticated attacker to perform a man in the middle attack. | |||||
| CVE-2021-24018 | 1 Fortinet | 1 Fortios | 2023-08-08 | 5.8 MEDIUM | 8.8 HIGH |
| A buffer underwrite vulnerability in the firmware verification routine of FortiOS before 7.0.1 may allow an attacker located in the adjacent network to potentially execute arbitrary code via a specifically crafted firmware image. | |||||
| CVE-2022-35842 | 1 Fortinet | 1 Fortios | 2023-08-08 | N/A | 7.5 HIGH |
| An exposure of sensitive information to an unauthorized actor vulnerabiltiy [CWE-200] in FortiOS SSL-VPN versions 7.2.0, versions 7.0.0 through 7.0.6 and versions 6.4.0 through 6.4.9 may allow a remote unauthenticated attacker to gain information about LDAP and SAML settings configured in FortiOS. | |||||
| CVE-2021-26110 | 1 Fortinet | 2 Fortios, Fortiproxy | 2022-07-12 | 4.6 MEDIUM | 7.8 HIGH |
| An improper access control vulnerability [CWE-284] in FortiOS autod daemon 7.0.0, 6.4.6 and below, 6.2.9 and below, 6.0.12 and below and FortiProxy 2.0.1 and below, 1.2.9 and below may allow an authenticated low-privileged attacker to escalate their privileges to super_admin via a specific crafted configuration of fabric automation CLI script and auto-script features. | |||||
| CVE-2021-44168 | 1 Fortinet | 1 Fortios | 2022-01-12 | 4.6 MEDIUM | 7.8 HIGH |
| A download of code without integrity check vulnerability in the "execute restore src-vis" command of FortiOS before 7.0.3 may allow a local authenticated attacker to download arbitrary files on the device via specially crafted update packages. | |||||
| CVE-2021-36173 | 1 Fortinet | 14 Fortigate-1100e, Fortigate-200f, Fortigate-2600f and 11 more | 2021-12-10 | 6.8 MEDIUM | 8.8 HIGH |
| A heap-based buffer overflow in the firmware signature verification function of FortiOS versions 7.0.1, 7.0.0, 6.4.0 through 6.4.6, 6.2.0 through 6.2.9, and 6.0.0 through 6.0.13 may allow an attacker to execute arbitrary code via specially crafted installation images. | |||||
| CVE-2021-26103 | 1 Fortinet | 2 Fortios, Fortiproxy | 2021-12-09 | 5.1 MEDIUM | 8.8 HIGH |
| An insufficient verification of data authenticity vulnerability (CWE-345) in the user interface of FortiProxy verison 2.0.3 and below, 1.2.11 and below and FortiGate verison 7.0.0, 6.4.6 and below, 6.2.9 and below of SSL VPN portal may allow a remote, unauthenticated attacker to conduct a cross-site request forgery (CSRF) attack . Only SSL VPN in web mode or full mode are impacted by this vulnerability. | |||||
| CVE-2021-26108 | 1 Fortinet | 1 Fortios | 2021-12-09 | 5.0 MEDIUM | 7.5 HIGH |
| A use of hard-coded cryptographic key vulnerability in the SSLVPN of FortiOS before 7.0.1 may allow an attacker to retrieve the key by reverse engineering. | |||||
| CVE-2021-41024 | 1 Fortinet | 2 Fortios, Fortiproxy | 2021-12-09 | 5.0 MEDIUM | 7.5 HIGH |
| A relative path traversal [CWE-23] vulnerabiltiy in FortiOS versions 7.0.0 and 7.0.1 and FortiProxy verison 7.0.0 may allow an unauthenticated, unauthorized attacker to inject path traversal character sequences to disclose sensitive information of the server via the GET request of the login page. | |||||
| CVE-2019-15703 | 1 Fortinet | 1 Fortios | 2021-07-21 | 2.6 LOW | 7.5 HIGH |
| An Insufficient Entropy in PRNG vulnerability in Fortinet FortiOS 6.2.1, 6.2.0, 6.0.8 and below for device not enable hardware TRNG token and models not support builtin TRNG seed allows attacker to theoretically recover the long term ECDSA secret in a TLS client with a RSA handshake and mutual ECDSA authentication via the help of flush+reload side channel attacks in FortiGate VM models only. | |||||
| CVE-2021-24012 | 1 Fortinet | 1 Fortios | 2021-06-14 | 7.5 HIGH | 7.3 HIGH |
| An improper following of a certificate's chain of trust vulnerability in FortiGate versions 6.4.0 to 6.4.4 may allow an LDAP user to connect to SSLVPN with any certificate that is signed by a trusted Certificate Authority. | |||||
| CVE-2018-13374 | 1 Fortinet | 1 Fortios | 2021-06-03 | 4.0 MEDIUM | 8.8 HIGH |
| A Improper Access Control in Fortinet FortiOS 6.0.2, 5.6.7 and before, FortiADC 6.1.0, 6.0.0 to 6.0.1, 5.4.0 to 5.4.4 allows attacker to obtain the LDAP server login credentials configured in FortiGate via pointing a LDAP server connectivity test request to a rogue LDAP server instead of the configured one. | |||||
| CVE-2018-13382 | 1 Fortinet | 1 Fortios | 2021-06-03 | 5.0 MEDIUM | 7.5 HIGH |
| An Improper Authorization vulnerability in Fortinet FortiOS 6.0.0 to 6.0.4, 5.6.0 to 5.6.8 and 5.4.1 to 5.4.10 and FortiProxy 2.0.0, 1.2.0 to 1.2.8, 1.1.0 to 1.1.6, 1.0.0 to 1.0.7 under SSL VPN web portal allows an unauthenticated attacker to modify the password of an SSL VPN web portal user via specially crafted HTTP requests | |||||
| CVE-2018-13381 | 1 Fortinet | 2 Fortios, Fortiproxy | 2021-03-16 | 5.0 MEDIUM | 7.5 HIGH |
| A buffer overflow vulnerability in Fortinet FortiOS 6.0.0 through 6.0.4, 5.6.0 through 5.6.7, 5.4 and earlier versions and FortiProxy 2.0.0, 1.2.8 and earlier versions under SSL VPN web portal allows a non-authenticated attacker to perform a Denial-of-service attack via special craft message payloads. | |||||
| CVE-2020-15938 | 1 Fortinet | 1 Fortios | 2021-03-11 | 4.3 MEDIUM | 7.5 HIGH |
| When traffic other than HTTP/S (eg: SSH traffic, etc...) traverses the FortiGate in version below 6.2.5 and below 6.4.2 on port 80/443, it is not redirected to the transparent proxy policy for processing, as it doesn't have a valid HTTP header. | |||||
| CVE-2019-17655 | 1 Fortinet | 1 Fortios | 2021-03-09 | 5.0 MEDIUM | 7.5 HIGH |
| A cleartext storage in a file or on disk (CWE-313) vulnerability in FortiOS SSL VPN 6.2.0 through 6.2.2, 6.0.9 and earlier and FortiProxy 2.0.0, 1.2.9 and earlier may allow an attacker to retrieve a logged-in SSL VPN user's credentials should that attacker be able to read the session file stored on the targeted device's system. | |||||
| CVE-2017-17544 | 1 Fortinet | 1 Fortios | 2020-08-28 | 9.0 HIGH | 7.2 HIGH |
| A privilege escalation vulnerability in Fortinet FortiOS 6.0.0 to 6.0.6, 5.6.0 to 5.6.10, 5.4 and below allows admin users to elevate their profile to super_admin via restoring modified configurations. | |||||
| CVE-2018-13371 | 1 Fortinet | 1 Fortios | 2020-04-03 | 6.5 MEDIUM | 8.8 HIGH |
| An external control of system vulnerability in FortiOS may allow an authenticated, regular user to change the routing settings of the device via connecting to the ZebOS component. | |||||
| CVE-2019-15705 | 1 Fortinet | 1 Fortios | 2019-12-16 | 5.0 MEDIUM | 7.5 HIGH |
| An Improper Input Validation vulnerability in the SSL VPN portal of FortiOS versions 6.2.1 and below, and 6.0.6 and below may allow an unauthenticated remote attacker to crash the SSL VPN service by sending a crafted POST request. | |||||
| CVE-2018-13376 | 1 Fortinet | 1 Fortios | 2019-10-03 | 5.0 MEDIUM | 7.5 HIGH |
| An uninitialized memory buffer leak exists in Fortinet FortiOS 5.6.1 to 5.6.3, 5.4.6 to 5.4.7, 5.2 all versions under web proxy's disclaimer response web pages, potentially causing sensitive data to be displayed in the HTTP response. | |||||
| CVE-2018-9185 | 1 Fortinet | 1 Fortios | 2018-08-27 | 4.3 MEDIUM | 8.1 HIGH |
| An information disclosure vulnerability in Fortinet FortiOS 6.0.0 and below versions reveals user's web portal login credentials in a Javascript file sent to client-side when pages bookmarked in web portal use the Single Sign-On feature. | |||||
| CVE-2017-7738 | 1 Fortinet | 1 Fortios | 2017-12-26 | 4.0 MEDIUM | 7.2 HIGH |
| An Information Disclosure vulnerability in Fortinet FortiOS 5.6.0 to 5.6.2, 5.4.0 to 5.4.5, 5.2 and below versions allow an admin user with super_admin privileges to view the current SSL VPN web portal session info which may contains user credentials through the fnsysctl CLI command. | |||||
| CVE-2017-3130 | 1 Fortinet | 1 Fortios | 2017-08-21 | 5.0 MEDIUM | 7.5 HIGH |
| An information disclosure vulnerability in Fortinet FortiOS 5.6.0, 5.4.4 and below versions allows attacker to get FortiOS version info by inspecting FortiOS IKE VendorID packets. | |||||