15 matches found
Fortinet Fortigate Weak authentication in security fabric daemon (FG-IR-24-058)
The version of Fortigate installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the FG-IR-24-058 advisory. - A channel accessible by non-endpoint vulnerability CWE-300 in Fortinet FortiOS version 7.4.0 through 7.4.3, 7.2.0 through...
Fortinet Fortigate Privilege escalation in automation-stitch (FG-IR-24-385)
The version of Fortigate installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the FG-IR-24-385 advisory. - AnAuthentication Bypass Using an Alternate Path or Channel vulnerability CWE-288 in FortiOS and FortiProxymay allow an...
CVE-2020-15936
A improper input validation in Fortinet FortiGate version 6.4.3 and below, version 6.2.5 and below, version 6.0.11 and below, version 5.6.13 and below allows attacker to disclose sensitive information via SNI Client Hello TLS packets...
Fortinet Fortigate TACACS+ authentication bypass (FG-IR-24-472)
The version of Fortigate installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the FG-IR-24-472 advisory. - A missing authentication for critical function in Fortinet FortiProxy versions 7.6.0 through 7.6.1, FortiSwitchManager...
Fortinet Fortigate DoS in Security Fabric Root (FG-IR-24-388)
The version of Fortigate installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the FG-IR-24-388 advisory. - An integer overflow or wraparound vulnerability CWE-190 in FortiOS Security Fabric may allow a remote unauthenticated...
Fortinet Fortigate LDAP Clear-text credentials retrievable with IP modification (FG-IR-24-111)
The version of Fortigate installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the FG-IR-24-111 advisory. - A storing passwords in a recoverable format in Fortinet FortiOS 7.4.0 through 7.4.8, FortiOS 7.2 all versions, FortiOS 7.0...
Fortinet Fortigate Stack buffer overflow in fabric service (FG-IR-24-160)
The version of Fortigate installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the FG-IR-24-160 advisory. - A stack-based buffer overflow CWE-121 vulnerability in Fortinet FortiOS version 7.2.4 through 7.2.8 and version 7.4.0 throu...
Fortinet Fortigate Unchecked boundary length causing multiple logic flaws (FG-IR-24-250)
The version of Fortigate installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the FG-IR-24-250 advisory. - An allocation of resources without limits or throttling CWE-770 vulnerability in FortiOS versions 7.6.0, versions 7.4.4...
Fortinet Fortigate - Improper authentication in fgfmd (FG-IR-24-032)
The version of Fortigate installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the FG-IR-24-032 advisory. - A missing authentication for critical function in Fortinet FortiManager version 7.4.0 through 7.4.2, 7.2.0 through 7.2.4,...
Fortinet Fortigate ['CSRF'] (FG-IR-20-158)
The version of Fortigate installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the FG-IR-20-158 advisory. - An insufficient verification of data authenticity vulnerability CWE-345 in the user interface of FortiProxy verison 2.0.3 a...
Fortinet Fortigate Heap-based Buffer Overflow in firmware signature verification (FG-IR-21-115)
The version of Fortigate installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the FG-IR-21-115 advisory. - A heap-based buffer overflow in the firmware signature verification function of FortiOS versions 7.0.1, 7.0.0, 6.4.0 throug...
Fortinet Fortigate Buffer Underwrite in firmware verification (FG-IR-21-046)
The version of Fortigate installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the FG-IR-21-046 advisory. - A buffer underwrite vulnerability in the firmware verification routine of FortiOS before 7.0.1 may allow an attacker locate...
Fortinet Fortigate Format string vulnerability in command line interpreter (FG-IR-21-235)
The version of Fortigate installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the FG-IR-21-235 advisory. - A format string vulnerability CWE-134 in the command line interpreter of FortiADC version 6.0.0 through 6.0.4, FortiADC...
Fortinet Fortigate Stack-based buffer overflows via crafted CLI commands (FG-IR-21-206)
The version of Fortigate installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the FG-IR-21-206 advisory. - A buffer copy without checking size of input 'classic buffer overflow' in Fortinet FortiAnalyzer version 7.0.2 and below,...
PT-2023-7424 · Fortinet · Fortigate +1
Name of the Vulnerable Software and Affected Versions: FortiGate versions 7.2.3 and below FortiGate versions 7.0.9 and below Description: The issue is related to a permissive list of allowed inputs, which may allow an authenticated SSL-VPN user to bypass the policy via bookmarks in the web portal...