7 matches found
EUVD-2024-29945
Malicious code in bioql PyPI...
CVE-2024-32124
An improper access control vulnerability CWE-284 in FortiIsolator version 2.4.4, version 2.4.3, 2.3 all versions logging component may allow a remote authenticated read-only attacker to alter logs via a crafted HTTP request...
CVE-2024-32124
An improper access control vulnerability CWE-284 in FortiIsolator version 2.4.4, version 2.4.3, 2.3 all versions logging component may allow a remote authenticated read-only attacker to alter logs via a crafted HTTP request...
CVE-2024-32124
An improper access control vulnerability CWE-284 in FortiIsolator version 2.4.4, version 2.4.3, 2.3 all versions logging component may allow a remote authenticated read-only attacker to alter logs via a crafted HTTP request...
CVE-2024-27779
CVE-2024-27779 concerns an insufficient session expiration (CWE-613) in Fortinet FortiSandbox and FortiIsolator. Affected: FortiSandbox versions before 4.4.5 (and 4.0–4.2.6) and FortiIsolator versions before 2.4 (and 1.2–2.3). Impact: a remote attacker with a valid admin session cookie can contin...
CVE-2024-27779
An insufficient session expiration vulnerability CWE-613 in FortiSandbox FortiSandbox version 4.4.4 and below, version 4.2.6 and below, 4.0 all versions, 3.2 all versions and FortiIsolator version 2.4 and below, 2.3 all versions, 2.2 all versions, 2.1 all versions, 2.0 all versions, 1.2 all...
PT-2025-30015 · Fortinet · Fortiisolator
Name of the Vulnerable Software and Affected Versions: FortiIsolator versions 2.3 through 2.4.4 Description: An improper access control issue exists in the logging component of FortiIsolator. A remote authenticated read-only attacker may be able to alter logs by sending a crafted HTTP request...