Lucene search
K

941 matches found

CNNVD
CNNVD
added 2026/03/10 12:0 a.m.6 views

Fortinet多款产品 安全漏洞

Fortinet FortiManager is a product of the American company Fortinet. Fortinet FortiManager is a centralized network security management platform. Fortinet FortiAnalyzer is a centralized network security reporting solution. Fortinet FortiManager Cloud is a cloud-based network management software...

3.7CVSS5.8AI score0.00369EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/03/10 12:0 a.m.8 views

Fortinet多款产品 安全漏洞

Fortinet FortiManager is a product of the American company Fortinet. Fortinet FortiManager is a centralized network security management platform. Fortinet FortiAnalyzer is a centralized network security reporting solution. Fortinet FortiAnalyzer Cloud is a cloud-based logging platform based on...

7.2CVSS5.9AI score0.0052EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/03/10 12:0 a.m.13 views

Fortinet多款产品 格式化字符串错误漏洞

Fortinet FortiManager is a product of the American company Fortinet. Fortinet FortiManager is a centralized network security management platform. Fortinet FortiAnalyzer is a centralized network security reporting solution. Fortinet FortiManager Cloud is a cloud-based network management software...

7.2CVSS5.8AI score0.00571EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/03/10 12:0 a.m.3 views

Fortinet FortiAnalyzer Format string vulnerability in fazsvcd (FG-IR-26-092)

The version of FortiAnalyzer installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the FG-IR-26-092 advisory. - A use of externally-controlled format string vulnerability in Fortinet FortiAnalyzer 7.6.0 through 7.6.4, FortiAnalyzer...

7.2CVSS5.8AI score0.00571EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/03/10 12:0 a.m.2 views

Fortinet FortiManager Authentication Lockout Bypass via Race Condition (FG-IR-26-079)

The version of FortiManager installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the FG-IR-26-079 advisory. - An improper restriction of excessive authentication attempts vulnerability in Fortinet FortiAnalyzer 7.6.0 through 7.6.4...

3.7CVSS5.8AI score0.00369EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/03/10 12:0 a.m.4 views

Fortinet FortiAnalyzer Authentication Lockout Bypass via Race Condition (FG-IR-26-079)

The version of FortiAnalyzer installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the FG-IR-26-079 advisory. - An improper restriction of excessive authentication attempts vulnerability in Fortinet FortiAnalyzer 7.6.0 through 7.6....

3.7CVSS5.8AI score0.00369EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/03/10 12:0 a.m.2 views

Fortinet FortiAnalyzer MFA Bypass in GUI (FG-IR-26-090)

The version of FortiAnalyzer installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the FG-IR-26-090 advisory. - An authentication bypass using an alternate path or channel vulnerability in Fortinet FortiAnalyzer 7.6.0 through 7.6.3...

7.2CVSS5.8AI score0.00562EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/03/10 12:0 a.m.2 views

Fortinet FortiManager MFA Bypass in GUI (FG-IR-26-090)

The version of FortiManager installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the FG-IR-26-090 advisory. - An authentication bypass using an alternate path or channel vulnerability in Fortinet FortiAnalyzer 7.6.0 through 7.6.3,...

7.2CVSS5.8AI score0.00562EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/03/10 12:0 a.m.6 views

Fortinet FortiManager Format string vulnerability in fazsvcd (FG-IR-26-092)

The version of FortiManager installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the FG-IR-26-092 advisory. - A use of externally-controlled format string vulnerability in Fortinet FortiAnalyzer 7.6.0 through 7.6.4, FortiAnalyzer...

7.2CVSS5.8AI score0.00571EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/03/10 12:0 a.m.3 views

Fortinet FortiAnalyzer Privilege escalation using undocumented CLI command (FG-IR-26-081)

The version of FortiAnalyzer installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the FG-IR-26-081 advisory. - A hidden functionality vulnerability in Fortinet FortiAnalyzer 7.6.0 through 7.6.3, FortiAnalyzer 7.4.0 through 7.4.7,...

7.2CVSS5.9AI score0.0052EPSS
Exploits0References2
NCSC
NCSC
added 2026/01/28 9:32 a.m.11 views

Vulnerability fixed in Fortinet products

Fortinet has fixed a vulnerability in FortiAnalyzer, FortiManager, FortiOS and FortiProxy products. The vulnerability is in specific implementations of FortiCloud SSO authentication. The vulnerability allows attackers with a registered device and a FortiCloud account to bypass authentication and...

9.8CVSS5.8AI score0.85844EPSS
Exploits0References2
The Hacker News
The Hacker News
added 2026/01/28 4:49 a.m.17 views

Fortinet Patches CVE-2026-24858 After Active FortiOS SSO Exploitation Detected

Fortinet has begun releasing security updates to address a critical flaw impacting FortiOS that has come under active exploitation in the wild. The vulnerability, assigned the CVE identifier CVE-2026-24858 CVSS score: 9.4, has been described as an authentication bypass related to FortiOS single...

9.8CVSS6.1AI score0.85844EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/01/28 12:0 a.m.11 views

Fortinet FortiAnalyzer SSO authentication bypass (FG-IR-26-060)

The version of FortiAnalyzer installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the FG-IR-26-060 advisory. - An Authentication Bypass Using an Alternate Path or Channel vulnerability CWE-288 in FortiOS, FortiManager, FortiAnalyz...

9.8CVSS6.1AI score0.85844EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/01/28 12:0 a.m.79 views

Fortinet Fortigate SSO authentication bypass (FG-IR-26-060)

The version of Fortigate installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the FG-IR-26-060 advisory. - An Authentication Bypass Using an Alternate Path or Channel vulnerability CWE-288 in FortiOS, FortiManager, FortiAnalyzer m...

9.8CVSS6.1AI score0.85844EPSS
Exploits0References3
NVD
NVD
added 2026/01/27 8:16 p.m.8 views

CVE-2026-24858

An Authentication Bypass Using an Alternate Path or Channel vulnerability CWE-288 vulnerability in Fortinet FortiAnalyzer 7.6.0 through 7.6.5, FortiAnalyzer 7.4.0 through 7.4.9, FortiAnalyzer 7.2.0 through 7.2.11, FortiAnalyzer 7.0.0 through 7.0.15, FortiManager 7.6.0 through 7.6.5, FortiManager...

9.8CVSS0.85844EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/01/27 7:18 p.m.8 views

CVE-2026-24858

An Authentication Bypass Using an Alternate Path or Channel vulnerability CWE-288 vulnerability in Fortinet FortiAnalyzer 7.6.0 through 7.6.5, FortiAnalyzer 7.4.0 through 7.4.9, FortiAnalyzer 7.2.0 through 7.2.11, FortiAnalyzer 7.0.0 through 7.0.15, FortiManager 7.6.0 through 7.6.5, FortiManager...

9.8CVSS6.1AI score0.85844EPSS
In wildExploits0References2Affected Software5
EUVD
EUVD
added 2026/01/27 7:18 p.m.8 views

EUVD-2026-4712

An Authentication Bypass Using an Alternate Path or Channel vulnerability CWE-288 vulnerability in Fortinet FortiAnalyzer 7.6.0 through 7.6.5, FortiAnalyzer 7.4.0 through 7.4.9, FortiAnalyzer 7.2.0 through 7.2.11, FortiAnalyzer 7.0.0 through 7.0.15, FortiManager 7.6.0 through 7.6.5, FortiManager...

9.8CVSS5.9AI score0.85844EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/01/27 7:18 p.m.4 views

CVE-2026-24858

An Authentication Bypass Using an Alternate Path or Channel vulnerability CWE-288 vulnerability in Fortinet FortiAnalyzer 7.6.0 through 7.6.5, FortiAnalyzer 7.4.0 through 7.4.9, FortiAnalyzer 7.2.0 through 7.2.11, FortiAnalyzer 7.0.0 through 7.0.15, FortiManager 7.6.0 through 7.6.5, FortiManager...

9.8CVSS7AI score0.85844EPSS
Exploits0References1
CVE
CVE
added 2026/01/27 7:18 p.m.661 views

CVE-2026-24858

CVE-2026-24858 is a high-severity authentication bypass affecting Fortinet FortiAnalyzer, FortiManager, FortiOS, FortiProxy, and FortiWeb (various 7.x versions) via FortiCloud SSO. The issue allows an attacker with a FortiCloud account and a registered device to log into other devices registered ...

9.8CVSS7AI score0.85844EPSS
In wildExploits0References4Affected Software6
Cvelist
Cvelist
added 2026/01/27 7:18 p.m.135 views

CVE-2026-24858

An Authentication Bypass Using an Alternate Path or Channel vulnerability CWE-288 vulnerability in Fortinet FortiAnalyzer 7.6.0 through 7.6.5, FortiAnalyzer 7.4.0 through 7.4.9, FortiAnalyzer 7.2.0 through 7.2.11, FortiAnalyzer 7.0.0 through 7.0.15, FortiManager 7.6.0 through 7.6.5, FortiManager...

9.8CVSS0.85844EPSS
Exploits0References1
Rows per page
Query Builder