Lucene search
K

855 matches found

NVD
NVD
added 2022/04/06 10:15 a.m.15 views

CVE-2021-43205

An exposure of sensitive information to an unauthorized actor vulnerability CWE-200 in FortiClient for Linux version 7.0.2 and below, 6.4.7 and below and 6.2.9 and below may allow an unauthenticated attacker to access the confighandler webserver via external binaries...

5.3CVSS0.00888EPSS
Exploits0References1
OSV
OSV
added 2022/04/06 10:15 a.m.2 views

CVE-2021-43205

An exposure of sensitive information to an unauthorized actor vulnerability CWE-200 in FortiClient for Linux version 7.0.2 and below, 6.4.7 and below and 6.2.9 and below may allow an unauthenticated attacker to access the confighandler webserver via external binaries...

5.3CVSS5.8AI score0.00888EPSS
Exploits0References1
OSV
OSV
added 2022/04/06 10:15 a.m.2 views

CVE-2021-44169

A improper initialization in Fortinet FortiClient Windows version 6.0.10 and below, version 6.2.9 and below, version 6.4.7 and below, version 7.0.3 and below allows attacker to gain administrative privileges via placing a malicious executable inside the FortiClient installer's directory...

8.8CVSS5.8AI score0.00373EPSS
Exploits0References1
NVD
NVD
added 2022/04/06 10:15 a.m.13 views

CVE-2021-44169

A improper initialization in Fortinet FortiClient Windows version 6.0.10 and below, version 6.2.9 and below, version 6.4.7 and below, version 7.0.3 and below allows attacker to gain administrative privileges via placing a malicious executable inside the FortiClient installer's directory...

8.8CVSS0.00373EPSS
Exploits0References1
Prion
Prion
added 2022/04/06 10:15 a.m.16 views

Input validation

A improper initialization in Fortinet FortiClient Windows version 6.0.10 and below, version 6.2.9 and below, version 6.4.7 and below, version 7.0.3 and below allows attacker to gain administrative privileges via placing a malicious executable inside the FortiClient installer's directory...

4.6CVSS8.7AI score0.00373EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2022/04/06 10:15 a.m.20 views

Xxe

An exposure of sensitive information to an unauthorized actor vulnerability CWE-200 in FortiClient for Linux version 7.0.2 and below, 6.4.7 and below and 6.2.9 and below may allow an unauthenticated attacker to access the confighandler webserver via external binaries...

5CVSS5.2AI score0.00888EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2022/04/06 9:30 a.m.21 views

CVE-2021-44169

A improper initialization in Fortinet FortiClient Windows version 6.0.10 and below, version 6.2.9 and below, version 6.4.7 and below, version 7.0.3 and below allows attacker to gain administrative privileges via placing a malicious executable inside the FortiClient installer's directory...

8.2CVSS9AI score0.00373EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2022/04/06 9:30 a.m.16 views

CVE-2021-44169

A improper initialization in Fortinet FortiClient Windows version 6.0.10 and below, version 6.2.9 and below, version 6.4.7 and below, version 7.0.3 and below allows attacker to gain administrative privileges via placing a malicious executable inside the FortiClient installer's directory...

8.2CVSS7AI score0.00373EPSS
Exploits0References1
CVE
CVE
added 2022/04/06 9:30 a.m.114 views

CVE-2021-44169

Fortinet FortiClient for Windows is affected by CVE-2021-44169 due to improper initialization in versions 6.0.10 and below, 6.2.9 and below, 6.4.7 and below, and 7.0.3 and below. This local Privilege Escalation flaw allows an attacker to gain administrative privileges by placing a malicious execu...

8.8CVSS8.7AI score0.00373EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2022/04/06 9:15 a.m.87 views

CVE-2021-43205

FortiClient for Linux (affected versions: 7.0.2 and below, 6.4.7 and below, 6.2.9 and below) contains an information disclosure vulnerability where an unauthenticated attacker could access the confighandler webserver via external binaries. This is documented as CVE-2021-43205 with CVSSv3 base sco...

5.3CVSS5.1AI score0.00888EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2022/04/06 9:15 a.m.8 views

CVE-2021-43205

An exposure of sensitive information to an unauthorized actor vulnerability CWE-200 in FortiClient for Linux version 7.0.2 and below, 6.4.7 and below and 6.2.9 and below may allow an unauthenticated attacker to access the confighandler webserver via external binaries...

4.3CVSS6.6AI score0.00888EPSS
Exploits0References1
Cvelist
Cvelist
added 2022/04/06 9:15 a.m.13 views

CVE-2021-43205

An exposure of sensitive information to an unauthorized actor vulnerability CWE-200 in FortiClient for Linux version 7.0.2 and below, 6.4.7 and below and 6.2.9 and below may allow an unauthenticated attacker to access the confighandler webserver via external binaries...

4.3CVSS5.5AI score0.00888EPSS
Exploits0References1
CNNVD
CNNVD
added 2022/04/06 12:0 a.m.3 views

Fortinet FortiClient 安全漏洞

Fortinet FortiClient is a mobile endpoint security solution from Fortinet, Inc. The solution provides IPsec and SSL encryption, WAN optimization, endpoint compliance, and two-factor authentication when connected to a FortiGate firewall appliance. executable file in the FortiClient installer...

8.8CVSS5.5AI score0.00373EPSS
Exploits0References5
CNNVD
CNNVD
added 2022/04/06 12:0 a.m.2 views

Fortinet FortiClient 信息泄露漏洞

Fortinet FortiClient is a fabric agent from Fortinet USA, Inc. It is used to provide protection, compliance, and secure access in a single modular lightweight client.An information disclosure vulnerability exists in Fortinet FortiClient for Linux. An unauthenticated attacker could exploit the...

5.3CVSS5.6AI score0.00888EPSS
Exploits0References5
Fortinet
Fortinet
added 2022/04/05 12:0 a.m.79 views

FortiClient (Windows) - privilege escalation in online installer due to incorrect working directory

An improper initialization CWE-665 vulnerability in FortiClient Windows may allow a local attacker to gain administrative privileges via placing a malicious executable inside the FortiClient installer's directory...

4.6CVSS5.3AI score0.00373EPSS
Exploits0Affected Software1
Fortinet
Fortinet
added 2022/04/05 12:0 a.m.35 views

FortiClient (Linux) - Improper directories permissions

An incorrect permission assignment for critical resource vulnerability CWE-732 in FortiClient for Linux may allow an unauthenticated attacker to access sensitive information in log files and directories via symbolic links...

5CVSS3.6AI score0.00487EPSS
Exploits0Affected Software1
CNNVD
CNNVD
added 2022/04/05 12:0 a.m.3 views

Fortinet FortiClient 安全漏洞

Fortinet FortiClient is a mobile endpoint security solution from Fortinet. The solution provides IPsec and SSL encryption, WAN optimization, endpoint compliance and two-factor authentication when connected to a FortiGate firewall appliance. A security vulnerability exists in Fortinet FortiClient...

7.5CVSS7.3AI score0.00487EPSS
Exploits0References5
Fortinet
Fortinet
added 2022/04/05 12:0 a.m.42 views

FortiClient (Linux) - external access to confighandler webserver

An exposure of sensitive information to an unauthorized actor vulnerability CWE-200 in FortiClient for Linux may allow an unauthenticated attacker to access the confighandler webserver via external binaries...

5CVSS4.4AI score0.00888EPSS
Exploits0Affected Software1
Positive Technologies
Positive Technologies
added 2022/02/25 12:0 a.m.3 views

PT-2022-5801 · Fortinet · Forticlient

Name of the Vulnerable Software and Affected Versions: FortiClientWindows versions 7.0.0 through 7.0.3 FortiClientWindows versions 6.4.0 through 6.4.7 FortiClientWindows versions 6.2.0 through 6.2.9 FortiClientWindows versions 6.0.0 through 6.0.10 Description: The issue is related to insecure...

7.7CVSS6.8AI score0.00307EPSS
Exploits0References11
Zero Day Initiative
Zero Day Initiative
added 2022/01/17 12:0 a.m.27 views

Fortinet FortiClient Network Access Control Uncontrolled Search Path Element Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Fortinet FortiClient Network Access Control. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists...

7.8CVSS4.9AI score0.00426EPSS
Exploits0References1
Rows per page
Query Builder