CVE-2024-36505
An improper access control vulnerability CWE-284 in FortiOS 7.4.0 through 7.4.3, 7.2.5 through 7.2.7, 7.0.12 through 7.0.14 and 6.4.x may allow an attacker who has already successfully obtained write access to the underlying system via another hypothetical exploit to bypass the file integrity...
CVE-2022-45862
An insufficient session expiration vulnerability (CWE-613) in FortiOS 7.2.5 and below, 7.0 all versions, 6.4 all versions; FortiProxy 7.2 all versions, 7.0 all versions; FortiPAM 1.3 all versions, 1.2 all versions, 1.1 all versions, 1.0 all versions; FortiSwitchManager 7.2.1 and below...
CVE-2022-45862
CVE-2022-45862 describes an insufficient session expiration flaw in Fortinet products (FortiOS, FortiProxy, FortiPAM, FortiSwitchManager) that may allow an attacker to reuse a GUI web session after logout if the attacker has the required credentials. Affected versions include FortiOS 7.2.5 and ea...
CVE-2024-36505
FortiOS contains an improper access control vulnerability (CWE-284) that could allow an attacker who already has write access to bypass the real-time file integrity checking system. Affected versions: FortiOS 7.4.0–7.4.3, 7.2.5–7.2.7, 7.0.12–7.0.14, and all 6.4.x. Root cause: bypass of file integ...
Fortinet Fortigate Real-time file system integrity checking write protection bypass (FG-IR-24-012)
The version of Fortigate installed on the remote host is prior to the tested version. It is, therefore, affected by a vulnerability as referenced in the FG-IR-24-012 advisory. - An improper access control vulnerability CWE-284 in FortiOS 7.4.0 through 7.4.3, 7.2.5 through 7.2.7, 7.0.12 through 7.0.14...
Fortinet FortiOS Access Control Error Vulnerability
Fortinet FortiOS is a security operating system from the American company Fortinet, dedicated to the FortiGate network security platform. The system provides users with firewall, antivirus, IPSec/SSLVPN, Web content filtering, anti-spam and other security features. An access control error...
PT-2024-5820 · Fortinet · Fortiproxy +3
Name of the Vulnerable Software and Affected Versions: FortiOS versions 7.2.5 and below, 7.0 all versions, 6.4 all versions FortiProxy versions 7.2 all versions, 7.0 all versions FortiPAM versions 1.3 all versions, 1.2 all versions, 1.1 all versions, 1.0 all versions FortiSwitchManager versions...
Fortinet Fortigate GUI Console WebSockets do not terminate on logout (FG-IR-22-445)
The version of Fortigate installed on the remote host is prior to the tested version. It is, therefore, affected by a vulnerability as referenced in the FG-IR-22-445 advisory. - An insufficient session expiration vulnerability (CWE-613) in FortiOS 7.2.5 and below, 7.0 all versions, 6.4 al...
Fortinet FortiOS Cross-Site Scripting Vulnerability
Fortinet FortiOS is a security operating system from the American company Fortinet, dedicated to the FortiGate network security platform. The system provides users with firewall, antivirus, IPSec/SSLVPN, Web content filtering, anti-spam and other security features. A cross-site scripting...
CVE-2024-26015
An incorrect parsing of numbers with different radices vulnerability CWE-1389 in FortiProxy version 7.4.3 and below, version 7.2.10 and below, version 7.0.17 and below and FortiOS version 7.4.3 and below, version 7.2.8 and below, version 7.0.15 and below IP address validation feature may permit a...
CVE-2024-26015
Fortinet FortiProxy/FortiOS vulnerable to an incorrect parsing of numbers with different radices (CWE-1389) in IP address validation, enabling an unauthenticated attacker to bypass the IP blocklist. Affected: FortiProxy 7.4.3 and below, 7.2.10 and below, 7.0.17 and below; FortiOS 7.4.3 and below,...
Siemens RUGGEDCOM APE 1808
As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories CERT Services | Services |...
PT-2024-5554 · Fortinet · Fortiproxy +1
Name of the Vulnerable Software and Affected Versions: FortiProxy versions 7.4.3 and below FortiProxy versions 7.2.10 and below FortiProxy versions 7.0.17 and below FortiOS versions 7.4.3 and below FortiOS versions 7.2.8 and below FortiOS versions 7.0.15 and below Description: The issue is relate...