2971 matches found
CVE-2021-32600
An exposure of sensitive information to an unauthorized actor vulnerability in FortiOS CLI 7.0.0, 6.4.0 through 6.4.6, 6.2.0 through 6.2.9, 6.0.x and 5.6.x may allow a local and authenticated user assigned to a specific VDOM to retrieve other VDOMs information such as the admin account list and t...
Design/Logic Flaw
An exposure of sensitive information to an unauthorized actor vulnerability in FortiOS CLI 7.0.0, 6.4.0 through 6.4.6, 6.2.0 through 6.2.9, 6.0.x and 5.6.x may allow a local and authenticated user assigned to a specific VDOM to retrieve other VDOMs information such as the admin account list and t...
CVE-2021-32600
CVE-2021-32600 relates to Fortinet FortiOS CLI exposing sensitive VDOM information to a local, authenticated user. Connected sources (FG-IR-20-243) describe that a user assigned to a specific VDOM can retrieve information from other VDOMs, including the admin account list and the network interfac...
CVE-2021-32600
An exposure of sensitive information to an unauthorized actor vulnerability in FortiOS CLI 7.0.0, 6.4.0 through 6.4.6, 6.2.0 through 6.2.9, 6.0.x and 5.6.x may allow a local and authenticated user assigned to a specific VDOM to retrieve other VDOMs information such as the admin account list and t...
CVE-2021-32600
An exposure of sensitive information to an unauthorized actor vulnerability in FortiOS CLI 7.0.0, 6.4.0 through 6.4.6, 6.2.0 through 6.2.9, 6.0.x and 5.6.x may allow a local and authenticated user assigned to a specific VDOM to retrieve other VDOMs information such as the admin account list and t...
Fortinet FortiOS Information Disclosure Vulnerability (CNVD-2021-84253)
Fortinet FortiOS is a set of security operating system dedicated to FortiGate network security platform from American Fita Fortinet. The system provides users with firewall, antivirus, IPSec/SSLVPN, Web content filtering and anti-spam and other security features. A security vulnerability exists i...
Fortinet FortiOS SSL VPN Improper Authentication Vulnerability
Fortinet FortiOS SSL VPN contains an improper authentication vulnerability that may allow a user to login successfully without being prompted for the second factor of authentication FortiToken if they change the case in their username...
Fortinet FortiOS SSL VPN Path Traversal Vulnerability
Fortinet FortiOS SSL VPN web portal contains a path traversal vulnerability that may allow an unauthenticated attacker to download FortiOS system files through specially crafted HTTP resource requests...
CVE-2021-41019
An improper validation of certificate with host mismatch CWE-297 vulnerability in FortiOS versions 6.4.6 and below may allow the connection to a malicious LDAP server via options in GUI, leading to disclosure of sensitive information, such as AD credentials...
CVE-2021-41019
An improper validation of certificate with host mismatch CWE-297 vulnerability in FortiOS versions 6.4.6 and below may allow the connection to a malicious LDAP server via options in GUI, leading to disclosure of sensitive information, such as AD credentials...
Input validation
An improper validation of certificate with host mismatch CWE-297 vulnerability in FortiOS versions 6.4.6 and below may allow the connection to a malicious LDAP server via options in GUI, leading to disclosure of sensitive information, such as AD credentials...
CVE-2021-41019
An improper validation of certificate with host mismatch CWE-297 vulnerability in FortiOS versions 6.4.6 and below may allow the connection to a malicious LDAP server via options in GUI, leading to disclosure of sensitive information, such as AD credentials...
CVE-2021-41019
CVE-2021-41019 : FortiOS versions 6.4.6 and earlier are affected by an improper validation of certificates with host mismatch (CWE-297). This can allow a connection to a malicious LDAP server via GUI options, leading to disclosure of sensitive information such as AD credentials. The vulnerability...
CVE-2021-41019
An improper validation of certificate with host mismatch CWE-297 vulnerability in FortiOS versions 6.4.6 and below may allow the connection to a malicious LDAP server via options in GUI, leading to disclosure of sensitive information, such as AD credentials...
Fortinet FortiOS 信任管理问题漏洞
Fortinet FortiOS is a set of security operating system dedicated to FortiGate network security platform from American Fita Fortinet. The system provides users with firewall, antivirus, IPSec/SSLVPN, Web content filtering and anti-spam and other security features. A security vulnerability exists i...
Protect
An improper validation of certificate with host mismatch CWE-297 vulnerability in FortiOS may allow the connection to a malicious LDAP server via options in GUI, leading to disclosure of sensitive information, such as AD credentials...
The vulnerability of the FortiOS operating system, related to deficiencies in authentication procedures, allows attackers to gain access to the system without requiring a second authentication factor.
The vulnerability of the FortiOS operating system is related to deficiencies in the authentication process. Exploiting this vulnerability allows a malicious actor to gain access to the system remotely, without requiring a second authentication factor FortiToken...
Fortinet FortiOS has an unspecified vulnerability (CNVD-2021-101140)
Fortinet FortiOS is a security operating system from Fortinet that is dedicated to the FortiGate network security platform. The system provides users with a variety of security features such as firewall, anti-virus, IPSec/SSLVPN, Web content filtering and anti-spam.Fortinet FortiOS has a security...
Fortinet FortiOS has an unspecified vulnerability (CNVD-2021-101141)
Fortinet FortiOS is a security operating system from Fortinet that is dedicated to the FortiGate network security platform. The system provides users with a variety of security features such as firewall, anti-virus, IPSec/SSLVPN, Web content filtering and anti-spam.Fortinet FortiOS has a security...
Fortinet FortiOS 安全漏洞
Fortinet FortiOS is a security operating system from Fortinet that is dedicated to the FortiGate network security platform. The system provides users with a variety of security features such as firewall, anti-virus, IPSec/SSLVPN, Web content filtering and anti-spam.Fortinet FortiOS has a security...