Lucene search
K

1255 matches found

NVD
NVD
added 2026/01/27 8:16 p.m.7 views

CVE-2026-24858

An Authentication Bypass Using an Alternate Path or Channel vulnerability CWE-288 vulnerability in Fortinet FortiAnalyzer 7.6.0 through 7.6.5, FortiAnalyzer 7.4.0 through 7.4.9, FortiAnalyzer 7.2.0 through 7.2.11, FortiAnalyzer 7.0.0 through 7.0.15, FortiManager 7.6.0 through 7.6.5, FortiManager...

9.8CVSS0.85844EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/01/27 7:18 p.m.129 views

CVE-2026-24858

An Authentication Bypass Using an Alternate Path or Channel vulnerability CWE-288 vulnerability in Fortinet FortiAnalyzer 7.6.0 through 7.6.5, FortiAnalyzer 7.4.0 through 7.4.9, FortiAnalyzer 7.2.0 through 7.2.11, FortiAnalyzer 7.0.0 through 7.0.15, FortiManager 7.6.0 through 7.6.5, FortiManager...

9.8CVSS0.85844EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/01/27 7:18 p.m.8 views

CVE-2026-24858

An Authentication Bypass Using an Alternate Path or Channel vulnerability CWE-288 vulnerability in Fortinet FortiAnalyzer 7.6.0 through 7.6.5, FortiAnalyzer 7.4.0 through 7.4.9, FortiAnalyzer 7.2.0 through 7.2.11, FortiAnalyzer 7.0.0 through 7.0.15, FortiManager 7.6.0 through 7.6.5, FortiManager...

9.8CVSS6.1AI score0.85844EPSS
In wildExploits0References2Affected Software5
Vulnrichment
Vulnrichment
added 2026/01/27 7:18 p.m.4 views

CVE-2026-24858

An Authentication Bypass Using an Alternate Path or Channel vulnerability CWE-288 vulnerability in Fortinet FortiAnalyzer 7.6.0 through 7.6.5, FortiAnalyzer 7.4.0 through 7.4.9, FortiAnalyzer 7.2.0 through 7.2.11, FortiAnalyzer 7.0.0 through 7.0.15, FortiManager 7.6.0 through 7.6.5, FortiManager...

9.8CVSS7AI score0.85844EPSS
Exploits0References1
EUVD
EUVD
added 2026/01/27 7:18 p.m.8 views

EUVD-2026-4712

An Authentication Bypass Using an Alternate Path or Channel vulnerability CWE-288 vulnerability in Fortinet FortiAnalyzer 7.6.0 through 7.6.5, FortiAnalyzer 7.4.0 through 7.4.9, FortiAnalyzer 7.2.0 through 7.2.11, FortiAnalyzer 7.0.0 through 7.0.15, FortiManager 7.6.0 through 7.6.5, FortiManager...

9.8CVSS5.9AI score0.85844EPSS
Exploits0References1
CVE
CVE
added 2026/01/27 7:18 p.m.660 views

CVE-2026-24858

CVE-2026-24858 is a high-severity authentication bypass affecting Fortinet FortiAnalyzer, FortiManager, FortiOS, FortiProxy, and FortiWeb (various 7.x versions) via FortiCloud SSO. The issue allows an attacker with a FortiCloud account and a registered device to log into other devices registered ...

9.8CVSS7AI score0.85844EPSS
In wildExploits0References4Affected Software6
CNNVD
CNNVD
added 2026/01/27 12:0 a.m.8 views

Fortinet’s various products have security vulnerabilities

Fortinet FortiOS are products of the American company Fortinet. Fortinet FortiOS is a security operating system specifically designed for the FortiGate network security platform. Fortinet FortiManager is a centralized network security management platform. Fortinet FortiAnalyzer is a centralized...

9.8CVSS7AI score0.85844EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/01/27 12:0 a.m.7 views

PT-2026-5008

Name of the Vulnerable Software and Affected Versions FortiAnalyzer versions 7.0.0 through 7.0.15 FortiAnalyzer versions 7.2.0 through 7.2.11 FortiAnalyzer versions 7.4.0 through 7.4.9 FortiAnalyzer versions 7.6.0 through 7.6.5 FortiManager versions 7.0.0 through 7.0.15 FortiManager versions 7.2....

10CVSS7AI score0.85844EPSS
Exploits0References242
VulnCheck KEV
VulnCheck KEV
added 2026/01/27 12:0 a.m.5 views

VulnCheck KEV: CVE-2026-24858

An Authentication Bypass Using an Alternate Path or Channel vulnerability CWE-288 vulnerability in Fortinet FortiAnalyzer 7.6.0 through 7.6.5, FortiAnalyzer 7.4.0 through 7.4.9, FortiAnalyzer 7.2.0 through 7.2.11, FortiAnalyzer 7.0.0 through 7.0.15, FortiManager 7.6.0 through 7.6.5, FortiManager...

9.8CVSS5.8AI score0.85844EPSS
In wildExploits0References6
CISA KEV Catalog
CISA KEV Catalog
added 2026/01/27 12:0 a.m.20 views

Fortinet Multiple Products Authentication Bypass Using an Alternate Path or Channel Vulnerability

Fortinet FortiAnalyzer, FortiManager, FortiOS, and FortiProxy contain an authentication bypass using an alternate path or channel that could allow an attacker with a FortiCloud account and a registered device to log into other devices registered to other accounts, if FortiCloud SSO authentication...

9.8CVSS5.9AI score0.85844EPSS
In wildExploits0
RedhatCVE
RedhatCVE
added 2026/01/09 9:56 a.m.8 views

CVE-2020-12811

An improper neutralization of script-related HTML tags in a web page in FortiManager 6.2.0, 6.2.1, 6.2.2, and 6.2.3and FortiAnalyzer 6.2.0, 6.2.1, 6.2.2, and 6.2.3 may allow an attacker to execute a cross site scripting XSS via the Identify Provider name field...

6.1CVSS5.8AI score0.00801EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 9:32 a.m.6 views

CVE-2023-25609

A server-side request forgery SSRF vulnerability CWE-918 in FortiManager and FortiAnalyzer GUI 7.2.0 through 7.2.1, 7.0.0 through 7.0.6, 6.4.8 through 6.4.11 may allow a remote and authenticated attacker to access unauthorized files and services on the system via specially crafted web requests...

6.5CVSS6.9AI score0.00378EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 9:31 a.m.6 views

CVE-2023-25606

An improper limitation of a pathname to a restricted directory 'Path Traversal' vulnerability CWE-23 in FortiAnalyzer and FortiManager management interface 7.2.0 through 7.2.1, 7.0.0 through 7.0.5, 6.4 all versions may allow a remote and authenticated attacker to retrieve arbitrary files from the...

6.5CVSS6.9AI score0.00459EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 9:15 a.m.5 views

CVE-2022-38377

An improper access control vulnerability CWE-284 in FortiManager 7.2.0, 7.0.0 through 7.0.3, 6.4.0 through 6.4.7, 6.2.0 through 6.2.9, 6.0.0 through 6.0.11 and FortiAnalyzer 7.2.0, 7.0.0 through 7.0.3, 6.4.0 through 6.4.8, 6.2.0 through 6.2.10, 6.0.0 through 6.0.12 may allow a remote and...

4.3CVSS6.6AI score0.0055EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/12/12 3:11 p.m.6 views

CVE-2024-40593

A key management errors vulnerability in Fortinet FortiAnalyzer 7.4.0 through 7.4.2, FortiAnalyzer 7.2.0 through 7.2.5, FortiAnalyzer 7.0 all versions, FortiAnalyzer 6.4 all versions, FortiManager 7.4.0 through 7.4.2, FortiManager 7.2.0 through 7.2.5, FortiManager 7.0 all versions, FortiManager 6...

6CVSS6.7AI score0.00096EPSS
Exploits0References1
OSV
OSV
added 2025/12/11 3:15 p.m.7 views

CVE-2024-40593

A key management errors vulnerability in Fortinet FortiAnalyzer 7.4.0 through 7.4.2, FortiAnalyzer 7.2.0 through 7.2.5, FortiAnalyzer 7.0 all versions, FortiAnalyzer 6.4 all versions, FortiManager 7.4.0 through 7.4.2, FortiManager 7.2.0 through 7.2.5, FortiManager 7.0 all versions, FortiManager 6...

4.4CVSS5.8AI score0.00096EPSS
Exploits0References1
EUVD
EUVD
added 2025/12/11 2:10 p.m.17 views

EUVD-2024-55320

A key management errors vulnerability in Fortinet FortiAnalyzer 7.4.0 through 7.4.2, FortiAnalyzer 7.2.0 through 7.2.5, FortiAnalyzer 7.0 all versions, FortiAnalyzer 6.4 all versions, FortiManager 7.4.0 through 7.4.2, FortiManager 7.2.0 through 7.2.5, FortiManager 7.0 all versions, FortiManager 6...

6CVSS6.2AI score0.00096EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/12/11 2:10 p.m.11 views

CVE-2024-40593

A key management errors vulnerability in Fortinet FortiAnalyzer 7.4.0 through 7.4.2, FortiAnalyzer 7.2.0 through 7.2.5, FortiAnalyzer 7.0 all versions, FortiAnalyzer 6.4 all versions, FortiManager 7.4.0 through 7.4.2, FortiManager 7.2.0 through 7.2.5, FortiManager 7.0 all versions, FortiManager 6...

6CVSS6.3AI score0.00096EPSS
Exploits0References1
CVE
CVE
added 2025/12/11 2:10 p.m.57 views

CVE-2024-40593

CVE-2024-40593 affects Fortinet FortiAnalyzer, FortiManager, FortiOS and FortiPortal products across multiple versions (notably FortiAnalyzer 6.4, 7.0, 7.2.x, 7.4.x; FortiManager 6.4, 7.0, 7.2.x, 7.4.x; FortiOS 7.x; FortiPortal 6.0). The vulnerability is a key management error that may allow an a...

6CVSS6.3AI score0.00096EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2025/12/11 2:10 p.m.42 views

CVE-2024-40593

A key management errors vulnerability in Fortinet FortiAnalyzer 7.4.0 through 7.4.2, FortiAnalyzer 7.2.0 through 7.2.5, FortiAnalyzer 7.0 all versions, FortiAnalyzer 6.4 all versions, FortiManager 7.4.0 through 7.4.2, FortiManager 7.2.0 through 7.2.5, FortiManager 7.0 all versions, FortiManager 6...

6CVSS0.00096EPSS
Exploits0References1
Rows per page
Query Builder