7 matches found
U.S., U.K. and Australia Warn of Iranian Hackers Exploiting Microsoft, Fortinet Flaws
Cybersecurity agencies from Australia, the U.K., and the U.S. on Wednesday released a joint advisory warning of active exploitation of Fortinet and Microsoft Exchange ProxyShell vulnerabilities by Iranian state-sponsored actors to gain initial access to vulnerable systems for follow-on activities...
Unpatched Remote Hacking Flaw Disclosed in Fortinet's FortiWeb WAF
Details have emerged about a new unpatched security vulnerability in Fortinet's web application firewall WAF appliances that could be abused by a remote, authenticated attacker to execute malicious commands on the system. "An OS command injection vulnerability in FortiWeb's management interface...
CVE-2019-5591
creationtimestamp| type| source ---|---|--- 2020-08-14 20:55:17+00:00| seen| https://t.me/cibsecurity/14145 2021-05-27 19:49:44+00:00| seen| MISP/98c0be2f-eadc-4ce5-9072-82ceacaea9c6 2021-07-29 17:59:02+00:00| seen| https://t.me/RussianOSINT/875 2021-10-25 22:30:42+00:00| seen|...
CVE-2019-5591
A Default Configuration vulnerability in FortiOS may allow an unauthenticated attacker on the same subnet to intercept sensitive information by impersonating the LDAP server...
CVE-2019-5591
A Default Configuration vulnerability in FortiOS may allow an unauthenticated attacker on the same subnet to intercept sensitive information by impersonating the LDAP server...
CVE-2019-5591
A Default Configuration vulnerability in FortiOS may allow an unauthenticated attacker on the same subnet to intercept sensitive information by impersonating the LDAP server. Recent assessments: ccondon-r7 at April 05, 2021 2:16pm UTC reported: One of three vulnerabilities CISA and the FBI have...
Fortinet FortiGate < 6.2.1 Information Disclosure (FG-IR-19-037)
The remote host is running a FortiOS version prior to 6.2.1. It is, therefore, affected by an information disclosure vulnerability. An unauthenticated attacker on the same subnet may be able to intercept sensitive information by impersonating the configured LDAP server. C Tenable Network Security...