44 matches found
Fortinet Fortigate Private key readable by admin (FG-IR-24-133)
The version of Fortigate installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the FG-IR-24-133 advisory. - A key management error vulnerability CWE-320 in FortiManager, FortiAnalyzer and FortiPortal may allow an authenticated admi...
Fortinet Fortigate Trusted hosts bypass via SSH (FG-IR-25-545)
The version of Fortigate installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the FG-IR-25-545 advisory. - An Improper Privilege Management vulnerability CWE-269 in FortiOS, FortiProxy and FortiPAM may allow an authenticated...
EUVD-2021-10932
Malware in sbrugna...
EUVD-2021-12924
Malware in sbrugna...
EUVD-2020-5101
Malware in sbrugna...
EUVD-2020-7908
Malware in sbrugna...
EUVD-2012-6202
Malware in sbrugna...
EUVD-2020-5102
Malware in sbrugna...
EUVD-2022-27448
Malicious code in bioql PyPI...
EUVD-2022-45539
Malicious code in bioql PyPI...
Fortinet Fortigate SSH key is added even if operation is aborted (FG-IR-23-008)
The version of Fortigate installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the FG-IR-23-008 advisory. - An incomplete cleanup vulnerability CWE-459 in FortiOS 7.2 all versions and before & FortiProxy version 7.2.0 through 7.2.2...
Fortinet Fortigate Weak authentication in security fabric daemon (FG-IR-24-058)
The version of Fortigate installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the FG-IR-24-058 advisory. - A channel accessible by non-endpoint vulnerability CWE-300 in Fortinet FortiOS version 7.4.0 through 7.4.3, 7.2.0 through...
Fortinet Fortigate Privilege escalation in automation-stitch (FG-IR-24-385)
The version of Fortigate installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the FG-IR-24-385 advisory. - AnAuthentication Bypass Using an Alternate Path or Channel vulnerability CWE-288 in FortiOS and FortiProxymay allow an...
Fortinet Fortigate eap-cert-auth bypass via revoked certificate (FG-IR-24-544)
The version of Fortigate installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the FG-IR-24-544 advisory. - An Improper Certificate Validation vulnerability CWE-295 in FortiOS version 7.6.1 and below, version 7.4.7 and below may...
CVE-2022-42469
A permissive list of allowed inputs vulnerability CWE-183 in FortiGate version 7.2.3 and below, version 7.0.9 and below Policy-based NGFW Mode may allow an authenticated SSL-VPN user to bypass the policy via bookmarks in the web portal...
CVE-2021-24012
An improper following of a certificate's chain of trust vulnerability in FortiGate versions 6.4.0 to 6.4.4 may allow an LDAP user to connect to SSLVPN with any certificate that is signed by a trusted Certificate Authority...
CVE-2020-15937
An improper neutralization of input vulnerability in FortiGate version 6.2.x below 6.2.5 and 6.4.x below 6.4.1 may allow a remote attacker to perform a stored cross site scripting attack XSS via the IPS and WAF logs dashboard...
CVE-2020-15936
A improper input validation in Fortinet FortiGate version 6.4.3 and below, version 6.2.5 and below, version 6.0.11 and below, version 5.6.13 and below allows attacker to disclose sensitive information via SNI Client Hello TLS packets...
CVE-2020-12818
An insufficient logging vulnerability in FortiGate before 6.4.1 may allow the traffic from an unauthenticated attacker to Fortinet owned IP addresses to go unnoticed...
Fortinet Fortigate TACACS+ authentication bypass (FG-IR-24-472)
The version of Fortigate installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the FG-IR-24-472 advisory. - A missing authentication for critical function in Fortinet FortiProxy versions 7.6.0 through 7.6.1, FortiSwitchManager...