Lucene search

K

Fortios Security Vulnerabilities

cve
cve

CVE-2020-15937

An improper neutralization of input vulnerability in FortiGate version 6.2.x below 6.2.5 and 6.4.x below 6.4.1 may allow a remote attacker to perform a stored cross site scripting attack (XSS) via the IPS and WAF logs...

6.1CVSS

5.9AI Score

0.001EPSS

2021-03-03 04:15 PM
22
cve
cve

CVE-2020-12818

An insufficient logging vulnerability in FortiGate before 6.4.1 may allow the traffic from an unauthenticated attacker to Fortinet owned IP addresses to go...

5.3CVSS

5.4AI Score

0.001EPSS

2020-09-24 03:15 PM
40
cve
cve

CVE-2019-5591

A Default Configuration vulnerability in FortiOS may allow an unauthenticated attacker on the same subnet to intercept sensitive information by impersonating the LDAP...

6.5CVSS

7.8AI Score

0.002EPSS

2020-08-14 04:15 PM
908
In Wild
17
cve
cve

CVE-2020-12812

An improper authentication vulnerability in SSL VPN in FortiOS 6.4.0, 6.2.0 to 6.2.3, 6.0.9 and below may result in a user being able to log in successfully without being prompted for the second factor of authentication (FortiToken) if they changed the case of their...

9.8CVSS

9.4AI Score

0.029EPSS

2020-07-24 11:15 PM
986
In Wild
16
cve
cve

CVE-2019-17655

A cleartext storage in a file or on disk (CWE-313) vulnerability in FortiOS SSL VPN 6.2.0 through 6.2.2, 6.0.9 and earlier and FortiProxy 2.0.0, 1.2.9 and earlier may allow an attacker to retrieve a logged-in SSL VPN user's credentials should that attacker be able to read the session file stored...

7.5CVSS

7.3AI Score

0.002EPSS

2020-06-16 09:15 PM
56
2
cve
cve

CVE-2018-13371

An external control of system vulnerability in FortiOS may allow an authenticated, regular user to change the routing settings of the device via connecting to the ZebOS...

8.8CVSS

8.6AI Score

0.001EPSS

2020-04-02 02:15 PM
17
cve
cve

CVE-2019-6696

An improper input validation vulnerability in FortiOS 6.2.1, 6.2.0, 6.0.8 and below until 5.4.0 under admin webUI may allow an attacker to perform an URL redirect attack via a specifically crafted request to the admin initial password change...

6.1CVSS

6.2AI Score

0.001EPSS

2020-03-15 11:15 PM
26
cve
cve

CVE-2019-5593

Improper permission or value checking in the CLI console may allow a non-privileged user to obtain Fortinet FortiOS plaint text private keys of system's builtin local certificates via unsetting the keys encryption password in FortiOS 6.2.0, 6.0.0 to 6.0.6, 5.6.10 and below or for user uploaded...

5.5CVSS

5.4AI Score

0.0004EPSS

2020-01-23 05:15 PM
24
cve
cve

CVE-2018-9195

Use of a hardcoded cryptographic key in the FortiGuard services communication protocol may allow a Man in the middle with knowledge of the key to eavesdrop on and modify information (URL/SPAM services in FortiOS 5.6, and URL/SPAM/AV services in FortiOS 6.0.; URL rating in FortiClient) sent and...

5.9CVSS

5.6AI Score

0.001EPSS

2019-11-21 03:15 PM
54
cve
cve

CVE-2019-15703

An Insufficient Entropy in PRNG vulnerability in Fortinet FortiOS 6.2.1, 6.2.0, 6.0.8 and below for device not enable hardware TRNG token and models not support builtin TRNG seed allows attacker to theoretically recover the long term ECDSA secret in a TLS client with a RSA handshake and mutual...

7.5CVSS

7.5AI Score

0.002EPSS

2019-10-24 02:15 PM
59
cve
cve

CVE-2018-13367

An information exposure vulnerability in FortiOS 6.2.3, 6.2.0 and below may allow an unauthenticated attacker to gain platform information such as version, models, via parsing a JavaScript file through admin...

5.3CVSS

5.4AI Score

0.001EPSS

2019-08-23 09:15 PM
99
cve
cve

CVE-2019-5587

Lack of root file system integrity checking in Fortinet FortiOS VM application images all versions below 6.0.5 may allow attacker to implant malicious programs into the installing image by reassembling the image through specific...

6.5CVSS

9.3AI Score

0.001EPSS

2019-06-04 10:29 PM
242
cve
cve

CVE-2019-5586

A reflected Cross-Site-Scripting (XSS) vulnerability in Fortinet FortiOS 5.2.0 to 5.6.10, 6.0.0 to 6.0.4 under SSL VPN web portal may allow an attacker to execute unauthorized malicious script code via the "param" parameter of the error process HTTP...

6.1CVSS

6.2AI Score

0.001EPSS

2019-06-04 10:29 PM
246
cve
cve

CVE-2019-5588

A reflected Cross-Site-Scripting (XSS) vulnerability in Fortinet FortiOS 6.0.0 to 6.0.4 under SSL VPN web portal may allow an attacker to execute unauthorized malicious script code via the "err" parameter of the error process HTTP...

6.1CVSS

6.2AI Score

0.001EPSS

2019-06-04 10:29 PM
236
cve
cve

CVE-2018-13382

An Improper Authorization vulnerability in Fortinet FortiOS 6.0.0 to 6.0.4, 5.6.0 to 5.6.8 and 5.4.1 to 5.4.10 and FortiProxy 2.0.0, 1.2.0 to 1.2.8, 1.1.0 to 1.1.6, 1.0.0 to 1.0.7 under SSL VPN web portal allows an unauthenticated attacker to modify the password of an SSL VPN web portal user via...

7.5CVSS

7.5AI Score

0.894EPSS

2019-06-04 09:29 PM
1120
In Wild
4
cve
cve

CVE-2018-13380

A Cross-site Scripting (XSS) vulnerability in Fortinet FortiOS 6.0.0 to 6.0.4, 5.6.0 to 5.6.7, 5.4.0 to 5.4.12, 5.2 and below and Fortinet FortiProxy 2.0.0, 1.2.8 and below under SSL VPN web portal allows attacker to execute unauthorized malicious script code via the error or message handling...

6.1CVSS

6AI Score

0.001EPSS

2019-06-04 09:29 PM
221
cve
cve

CVE-2018-13384

A Host Header Redirection vulnerability in Fortinet FortiOS all versions below 6.0.5 under SSL VPN web portal allows a remote attacker to potentially poison HTTP cache and subsequently redirect SSL VPN web portal users to arbitrary web...

6.1CVSS

6.2AI Score

0.001EPSS

2019-06-04 09:29 PM
225
cve
cve

CVE-2018-13379

An Improper Limitation of a Pathname to a Restricted Directory ("Path Traversal") in Fortinet FortiOS 6.0.0 to 6.0.4, 5.6.3 to 5.6.7 and 5.4.6 to 5.4.12 and FortiProxy 2.0.0, 1.2.0 to 1.2.8, 1.1.0 to 1.1.6, 1.0.0 to 1.0.7 under SSL VPN web portal allows an unauthenticated attacker to download...

9.8CVSS

9.5AI Score

0.974EPSS

2019-06-04 09:29 PM
1953
In Wild
169
cve
cve

CVE-2018-13381

A buffer overflow vulnerability in Fortinet FortiOS 6.0.0 through 6.0.4, 5.6.0 through 5.6.7, 5.4 and earlier versions and FortiProxy 2.0.0, 1.2.8 and earlier versions under SSL VPN web portal allows a non-authenticated attacker to perform a Denial-of-service attack via special craft message...

7.5CVSS

7.6AI Score

0.001EPSS

2019-06-04 09:29 PM
207
4
cve
cve

CVE-2018-13365

An Information Exposure vulnerability in Fortinet FortiOS 6.0.1, 5.6.5 and below, allow attackers to learn private IP as well as the hostname of FortiGate via Application Control Block...

5.3CVSS

5.3AI Score

0.001EPSS

2019-05-29 09:29 PM
125
cve
cve

CVE-2018-13383

A heap buffer overflow in Fortinet FortiOS 6.0.0 through 6.0.4, 5.6.0 through 5.6.10, 5.4.0 through 5.4.12, 5.2.14 and earlier and FortiProxy 2.0.0, 1.2.8 and earlier in the SSL VPN web portal may cause the SSL VPN web service termination for logged in users due to a failure to properly handle...

6.5CVSS

6.8AI Score

0.008EPSS

2019-05-29 06:29 PM
927
In Wild
3
cve
cve

CVE-2018-13366

An information disclosure vulnerability in Fortinet FortiOS 6.0.1, 5.6.7 and below allows attacker to reveals serial number of FortiGate via hostname field defined in connection control setup packets of PPTP...

5.3CVSS

5.1AI Score

0.001EPSS

2019-04-09 05:29 PM
24
cve
cve

CVE-2017-17544

A privilege escalation vulnerability in Fortinet FortiOS 6.0.0 to 6.0.6, 5.6.0 to 5.6.10, 5.4 and below allows admin users to elevate their profile to super_admin via restoring modified...

7.2CVSS

7AI Score

0.001EPSS

2019-04-09 04:29 PM
50
cve
cve

CVE-2018-1352

A format string vulnerability in Fortinet FortiOS 5.6.0 allows attacker to execute unauthorized code or commands via the SSH username...

9.8CVSS

9.5AI Score

0.002EPSS

2019-02-08 06:29 PM
23
cve
cve

CVE-2018-13374

A Improper Access Control in Fortinet FortiOS 6.0.2, 5.6.7 and before, FortiADC 6.1.0, 6.0.0 to 6.0.1, 5.4.0 to 5.4.4 allows attacker to obtain the LDAP server login credentials configured in FortiGate via pointing a LDAP server connectivity test request to a rogue LDAP server instead of the...

8.8CVSS

8.4AI Score

0.006EPSS

2019-01-22 02:29 PM
618
In Wild
2
cve
cve

CVE-2018-13376

An uninitialized memory buffer leak exists in Fortinet FortiOS 5.6.1 to 5.6.3, 5.4.6 to 5.4.7, 5.2 all versions under web proxy's disclaimer response web pages, potentially causing sensitive data to be displayed in the HTTP...

7.5CVSS

7.5AI Score

0.014EPSS

2018-11-27 03:29 PM
18
cve
cve

CVE-2018-9194

A plaintext recovery of encrypted messages or a Man-in-the-middle (MiTM) attack on RSA PKCS #1 v1.5 encryption may be possible without knowledge of the server's private key. Fortinet FortiOS 5.4.6 to 5.4.9, 6.0.0 and 6.0.1 are vulnerable by such attack under VIP SSL feature when CPx being...

5.9CVSS

5.7AI Score

0.001EPSS

2018-09-05 01:29 PM
18
cve
cve

CVE-2018-9192

A plaintext recovery of encrypted messages or a Man-in-the-middle (MiTM) attack on RSA PKCS #1 v1.5 encryption may be possible without knowledge of the server's private key. Fortinet FortiOS 5.4.6 to 5.4.9, 6.0.0 and 6.0.1 are vulnerable by such attack under SSL Deep Inspection feature when CPx...

5.9CVSS

5.7AI Score

0.001EPSS

2018-09-05 01:29 PM
19
cve
cve

CVE-2018-9185

An information disclosure vulnerability in Fortinet FortiOS 6.0.0 and below versions reveals user's web portal login credentials in a Javascript file sent to client-side when pages bookmarked in web portal use the Single Sign-On...

8.1CVSS

7.5AI Score

0.005EPSS

2018-07-05 01:29 PM
22
cve
cve

CVE-2017-14185

An Information Disclosure vulnerability in Fortinet FortiOS 5.6.0 to 5.6.2, 5.4.0 to 5.4.8 and 5.2 all versions allows SSL VPN web portal users to access internal FortiOS configuration information (eg:addresses) via specifically crafted URLs inside the SSL-VPN web...

5.3CVSS

5AI Score

0.001EPSS

2018-05-25 04:29 PM
25
cve
cve

CVE-2017-14187

A local privilege escalation and local code execution vulnerability in Fortinet FortiOS 5.6.0 to 5.6.2, 5.4.0 to 5.4.8, and 5.2 and below versions allows attacker to execute unauthorized binary program contained on an USB drive plugged into a FortiGate via linking the aforementioned binary program....

6.2CVSS

6.8AI Score

0.0004EPSS

2018-05-24 08:29 PM
32
cve
cve

CVE-2012-0941

Multiple cross-site scripting (XSS) vulnerabilities in Fortinet FortiGate UTM WAF appliances with FortiOS 4.3.x before 4.3.6 allow remote attackers to inject arbitrary web script or HTML via vectors involving the (1) Endpoint Monitor, (2) Dialup List, or (3) Log&Report Display modules, or the...

6.1CVSS

6AI Score

0.003EPSS

2018-02-08 11:29 PM
19
cve
cve

CVE-2017-14190

A Cross-site Scripting vulnerability in Fortinet FortiOS 5.6.0 to 5.6.2, 5.4.0 to 5.4.7, 5.2 and earlier, allows attacker to inject arbitrary web script or HTML via maliciously crafted "Host" header in user HTTP...

6.1CVSS

6AI Score

0.002EPSS

2018-01-29 04:29 PM
26
cve
cve

CVE-2017-7738

An Information Disclosure vulnerability in Fortinet FortiOS 5.6.0 to 5.6.2, 5.4.0 to 5.4.5, 5.2 and below versions allow an admin user with super_admin privileges to view the current SSL VPN web portal session info which may contains user credentials through the fnsysctl CLI...

7.2CVSS

6.8AI Score

0.001EPSS

2017-12-13 10:29 PM
21
cve
cve

CVE-2017-14186

A Cross-site Scripting (XSS) vulnerability in Fortinet FortiOS 6.0.0 to 6.0.4, 5.6.0 to 5.6.7, 5.4 and below versions under SSL VPN web portal allows a remote user to inject arbitrary web script or HTML in the context of the victim's browser via the login redir parameter. An URL Redirection attack....

5.4CVSS

5.1AI Score

0.029EPSS

2017-11-29 07:29 PM
44
2
cve
cve

CVE-2017-7739

A reflected Cross-site Scripting (XSS) vulnerability in web proxy disclaimer response web pages in Fortinet FortiOS 5.6.0, 5.4.0 to 5.4.5, 5.2.0 to 5.2.11 allows an unauthenticated attacker to inject arbitrary web script or HTML in the context of the victim's browser via sending a maliciously...

6.1CVSS

5.9AI Score

0.001EPSS

2017-11-13 02:29 PM
21
cve
cve

CVE-2017-14182

A Denial of Service (DoS) vulnerability in Fortinet FortiOS 5.4.0 to 5.4.5 allows an authenticated user to cause the web GUI to be temporarily unresponsive, via passing a specially crafted payload to the 'params' parameter of the JSON web...

6.5CVSS

6.2AI Score

0.004EPSS

2017-10-27 01:29 PM
23
cve
cve

CVE-2017-7733

A Cross-Site-Scripting (XSS) vulnerability in Fortinet FortiOS 5.4.0 to 5.4.5 and 5.6.0 allows a remote unauthenticated attacker to execute arbitrary javascript code via webUI "Login Disclaimer" redir...

6.1CVSS

6.5AI Score

0.001EPSS

2017-10-27 01:29 PM
23
cve
cve

CVE-2017-3132

A Cross-Site Scripting vulnerability in Fortinet FortiOS versions 5.6.0 and earlier allows attackers to Execute unauthorized code or commands via the action input during the activation of a...

6.1CVSS

6.1AI Score

0.001EPSS

2017-09-12 02:29 AM
43
cve
cve

CVE-2017-7734

A Cross-Site Scripting vulnerability in Fortinet FortiOS versions 5.4.0 through 5.4.4 allows attackers to execute unauthorized code or commands via 'Comments' while saving Config...

5.4CVSS

5.5AI Score

0.001EPSS

2017-09-12 02:29 AM
28
cve
cve

CVE-2017-7735

A Cross-Site Scripting vulnerability in Fortinet FortiOS versions 5.2.0 through 5.2.11 and 5.4.0 through 5.4.4 allows attackers to execute unauthorized code or commands via the "Groups" input while creating or editing User...

5.4CVSS

5.5AI Score

0.001EPSS

2017-09-12 02:29 AM
22
cve
cve

CVE-2017-3133

A Cross-Site Scripting vulnerability in Fortinet FortiOS versions 5.6.0 and earlier allows attackers to execute unauthorized code or commands via the Replacement Message HTML for...

6.1CVSS

6.1AI Score

0.001EPSS

2017-09-12 02:29 AM
45
cve
cve

CVE-2017-3131

A Cross-Site Scripting vulnerability in Fortinet FortiOS versions 5.4.0 through 5.4.4 and 5.6.0 allows attackers to execute unauthorized code or commands via the filter input in "Applications" under...

5.4CVSS

6.1AI Score

0.001EPSS

2017-09-12 02:29 AM
40
cve
cve

CVE-2017-3130

An information disclosure vulnerability in Fortinet FortiOS 5.6.0, 5.4.4 and below versions allows attacker to get FortiOS version info by inspecting FortiOS IKE VendorID...

7.5CVSS

7.1AI Score

0.001EPSS

2017-08-10 09:29 PM
23
cve
cve

CVE-2017-3127

A Cross-Site Scripting vulnerability in Fortinet FortiGate 5.2.0 through 5.2.10 allows attacker to execute unauthorized code or commands via the srcintf parameter during Firewall Policy...

6.1CVSS

6.2AI Score

0.001EPSS

2017-06-01 02:29 PM
17
cve
cve

CVE-2017-3128

A stored XSS (Cross-Site-Scripting) vulnerability in Fortinet FortiOS allows attackers to execute unauthorized code or commands via the policy global-label...

4.8CVSS

5.2AI Score

0.001EPSS

2017-05-23 05:29 PM
18
cve
cve

CVE-2016-7542

A read-only administrator on Fortinet devices with FortiOS 5.2.x before 5.2.10 GA and 5.4.x before 5.4.2 GA may have access to read-write administrators password hashes (not including super-admins) stored on the appliance via the webui REST API, and may therefore be able to crack...

4.9CVSS

5.2AI Score

0.002EPSS

2017-03-30 02:59 PM
20
4
cve
cve

CVE-2016-7541

Long lived sessions in Fortinet FortiGate devices with FortiOS 5.x before 5.4.0 could violate a security policy during IPS signature updates when the FortiGate's IPSengine is configured in flow mode. All FortiGate versions with IPS configured in proxy mode (the default mode) are not...

5.9CVSS

5.7AI Score

0.001EPSS

2017-03-30 02:59 PM
20
cve
cve

CVE-2016-6909

Buffer overflow in the Cookie parser in Fortinet FortiOS 4.x before 4.1.11, 4.2.x before 4.2.13, and 4.3.x before 4.3.9 and FortiSwitch before 3.4.3 allows remote attackers to execute arbitrary code via a crafted HTTP request, aka...

9.8CVSS

9.6AI Score

0.962EPSS

2016-08-24 04:30 PM
40
cve
cve

CVE-2016-3978

The Web User Interface (WebUI) in FortiOS 5.0.x before 5.0.13, 5.2.x before 5.2.3, and 5.4.x before 5.4.0 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks or cross-site scripting (XSS) attacks via the "redirect" parameter to...

6.1CVSS

6.4AI Score

0.003EPSS

2016-04-08 02:59 PM
21
Total number of security vulnerabilities168