Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline

FortiManager Security Vulnerabilities

cve
cve

CVE-2018-1353

An information disclosure vulnerability in Fortinet FortiManager 6.0.1 and below versions allows a standard user with adom assignment read the interface settings of vdoms unrelated to the assigned...

4.3CVSS

4.2AI Score

0.001EPSS

2018-09-05 01:29 PM
20
cve
cve

CVE-2017-17541

A Cross-site Scripting (XSS) vulnerability in Fortinet FortiManager 6.0.0, 5.6.4 and below versions, FortiAnalyzer 6.0.0, 5.6.4 and below versions allows inject Javascript code and HTML tags through the CN value of CA and CRL certificates via the import CA and CRL certificates...

6.1CVSS

6AI Score

0.001EPSS

2018-07-16 08:29 PM
23
cve
cve

CVE-2018-1351

A Cross-site Scripting (XSS) vulnerability in Fortinet FortiManager 6.0.0, 5.6.6 and below versions allows attacker to execute HTML/javascript code via managed remote devices CLI commands by viewing the remote device CLI config installation...

4.8CVSS

5.3AI Score

0.001EPSS

2018-06-28 03:29 PM
25
cve
cve

CVE-2018-1354

An improper access control vulnerability in Fortinet FortiManager 6.0.0, 5.6.5 and below versions, FortiAnalyzer 6.0.0, 5.6.5 and below versions allows a regular user edit the avatar picture of other users with arbitrary...

6.5CVSS

6.5AI Score

0.002EPSS

2018-06-27 08:29 PM
27
cve
cve

CVE-2018-1355

An open redirect vulnerability in Fortinet FortiManager 6.0.0, 5.6.5 and below versions, FortiAnalyzer 6.0.0, 5.6.5 and below versions allows attacker to inject script code during converting a HTML table to a PDF document under the FortiView feature. An attacker may be able to social engineer an...

6.1CVSS

6.1AI Score

0.002EPSS

2018-06-27 08:29 PM
19
cve
cve

CVE-2017-3126

An Open Redirect vulnerability in Fortinet FortiAnalyzer 5.4.0 through 5.4.2 and FortiManager 5.4.0 through 5.4.2 allows attacker to execute unauthorized code or commands via the next...

6.1CVSS

6.5AI Score

0.002EPSS

2017-05-27 12:29 AM
27
cve
cve

CVE-2016-8495

An improper certificate validation vulnerability in Fortinet FortiManager 5.0.6 through 5.2.7 and 5.4.0 through 5.4.1 allows remote attacker to spoof a trusted entity by using a man-in-the-middle (MITM) attack via the Fortisandbox devices probing...

7.4CVSS

7.2AI Score

0.001EPSS

2017-02-13 03:59 PM
21
4
cve
cve

CVE-2014-2336

Multiple cross-site scripting (XSS) vulnerabilities in the Web User Interface in Fortinet FortiManager before 5.0.7 and FortiAnalyzer before 5.0.7 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2014-2334 and...

5.8AI Score

0.002EPSS

2014-10-31 02:55 PM
18
Total number of security vulnerabilities58