Lucene search
K

6 matches found

Tenable Nessus
Tenable Nessus
added 2023/04/17 12:0 a.m.32 views

Fortinet Fortigate Lack of certificate verification when establishing secure connections with threat feed fabric connectors (FG-IR-22-257)

The version of Fortigate installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the FG-IR-22-257 advisory. - An improper certificate validation vulnerability CWE-295 in FortiOS 7.2.0 through 7.2.3, 7.0.0 through 7.0.7, 6.4 all...

7.4CVSS7.3AI score0.00276EPSS
Exploits0References2
Fortinet
Fortinet
added 2023/04/11 12:0 a.m.41 views

FortiADC - Cross-Site Scripting in Fabric Connectors

An improper neutralization of input during web page generation 'Cross-site Scripting' vulnerability CWE-79 in FortiADC may allow an authenticated attacker to perform a cross-site scripting attack via crafted HTTP requests...

4.9CVSS5.2AI score0.00392EPSS
Exploits0Affected Software1
NVD
NVD
added 2023/02/16 7:15 p.m.30 views

CVE-2022-39948

An improper certificate validation vulnerability CWE-295 in FortiOS 7.2.0 through 7.2.3, 7.0.0 through 7.0.7, 6.4 all versions, 6.2 all versions, 6.0 all versions and FortiProxy 7.0.0 through 7.0.6, 2.0 all versions, 1.2 all versions may allow a remote and unauthenticated attacker to perform a...

7.4CVSS6.2AI score0.00276EPSS
Exploits0References1
OSV
OSV
added 2023/02/16 7:15 p.m.4 views

CVE-2022-39948

An improper certificate validation vulnerability CWE-295 in FortiOS 7.2.0 through 7.2.3, 7.0.0 through 7.0.7, 6.4 all versions, 6.2 all versions, 6.0 all versions and FortiProxy 7.0.0 through 7.0.6, 2.0 all versions, 1.2 all versions may allow a remote and unauthenticated attacker to perform a...

7.4CVSS5.8AI score0.00276EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2023/02/16 6:6 p.m.17 views

CVE-2022-39948

An improper certificate validation vulnerability CWE-295 in FortiOS 7.2.0 through 7.2.3, 7.0.0 through 7.0.7, 6.4 all versions, 6.2 all versions, 6.0 all versions and FortiProxy 7.0.0 through 7.0.6, 2.0 all versions, 1.2 all versions may allow a remote and unauthenticated attacker to perform a...

4.8CVSS6.9AI score0.00276EPSS
Exploits0References1
Fortinet
Fortinet
added 2023/02/16 12:0 a.m.81 views

Protect

An improper certificate validation vulnerability CWE-295 in FortiOS and FortiProxy may allow a remote and unauthenticated attacker to perform a Man-in-the-Middle attack on the communication channel between the FortiOS/FortiProxy device and remote servers hosting threat feeds when the latter are...

4CVSS7.2AI score0.00276EPSS
Exploits0Affected Software2
Rows per page
Query Builder