CVE-2025-54822

An improper authorization vulnerability CWE-285 vulnerability in Fortinet FortiOS 7.4.0 through 7.4.1, FortiOS 7.2.0 through 7.2.8, FortiOS 7.0.0 through 7.0.11, FortiProxy 7.4.0 through 7.4.8, FortiProxy 7.2 all versions, FortiProxy 7.0 all versions, FortiProxy 2.0 all versions allows an...

EUVD-2019-10463

Malware in sbrugna...

EUVD-2018-0920

Malware in sbrugna...

CVE-2024-32119

An improper authentication vulnerability CWE-287 in Fortinet FortiClientEMS version 7.4.0 and before 7.2.4 allows an unauthenticated attacker with the knowledge of the targeted user's FCTUID and VDOM to perform operations such as uploading or tagging on behalf of the targeted user via specially...

Fortinet FortiManager 安全漏洞

Fortinet FortiManager is a centralized network security management platform from Fortinet. The platform supports centralized management of any number of Fortinet devices, and can group devices into different management domains ADOM to further simplify the deployment and management of multi-device...

CVE-2022-23442

An improper access control vulnerability CWE-284 in FortiOS versions 6.2.0 through 6.2.11, 6.4.0 through 6.4.8 and 7.0.0 through 7.0.5 may allow an authenticated attacker with a restricted user profile to gather the checksum information about the other VDOMs via CLI commands...

CVE-2021-32600

An exposure of sensitive information to an unauthorized actor vulnerability in FortiOS CLI 7.0.0, 6.4.0 through 6.4.6, 6.2.0 through 6.2.9, 6.0.x and 5.6.x may allow a local and authenticated user assigned to a specific VDOM to retrieve other VDOMs information such as the admin account list and t...

Cisco Prime Infrastructure Virtual Domain Privilege Escalation (cisco-sa-20190619-prime-privescal)

According to its self-reported version, the Cisco Prime Infrastructure application running on the remote host is 2.22.0.78 prior to 3.12.0.0 or 3.50.0 prior to 3.51. It is, therefore, affected by a privilege escalation vulnerability in the Virtual Domain system due to improper validation of API...

Cisco Prime Infrastructure Virtual Domain System Privilege Permission and Access Control Issues Vulnerability

Cisco Prime Infrastructure Software is a set of Cisco Prime LAN Management Solution LMS and Cisco Prime Network Control System NCS technologies for wireless management. Virtual Domain system is one of the virtual domain system. A privilege permission and access control error vulnerability exists ...

CVE-2019-1906

A vulnerability in the Virtual Domain system of Cisco Prime Infrastructure PI could allow an authenticated, remote attacker to change the virtual domain configuration, which could lead to privilege escalation. The vulnerability is due to improper validation of API requests. An attacker could...

CVE-2019-1906

A vulnerability in the Virtual Domain system of Cisco Prime Infrastructure PI could allow an authenticated, remote attacker to change the virtual domain configuration, which could lead to privilege escalation. The vulnerability is due to improper validation of API requests. An attacker could...

Privilege escalation

A vulnerability in the Virtual Domain system of Cisco Prime Infrastructure PI could allow an authenticated, remote attacker to change the virtual domain configuration, which could lead to privilege escalation. The vulnerability is due to improper validation of API requests. An attacker could...

CVE-2019-1906 Cisco Prime Infrastructure Virtual Domain Privilege Escalation Vulnerability

A vulnerability in the Virtual Domain system of Cisco Prime Infrastructure PI could allow an authenticated, remote attacker to change the virtual domain configuration, which could lead to privilege escalation. The vulnerability is due to improper validation of API requests. An attacker could...

CVE-2019-1906 Cisco Prime Infrastructure Virtual Domain Privilege Escalation Vulnerability

A vulnerability in the Virtual Domain system of Cisco Prime Infrastructure PI could allow an authenticated, remote attacker to change the virtual domain configuration, which could lead to privilege escalation. The vulnerability is due to improper validation of API requests. An attacker could...

CVE-2019-1906

CVE-2019-1906 affects Cisco Prime Infrastructure Virtual Domain Privilege Escalation. Affected versions (per self-reported data) include 2.2(2.0.78) prior to 3.1(2.0.0) or 3.5(0.0) prior to 3.5(1); the vulnerability stems from improper validation of API requests in the Virtual Domain system. An a...

Cisco Prime Infrastructure and Evolved Programmable Network Manager Virtual Domain Privilege Escalation Vulnerability

A vulnerability in the Virtual Domain system of Cisco Prime Infrastructure PI and Evolved Programmable Network Manager EPN Manager could allow an authenticated, remote attacker to change the virtual domain configuration, which could lead to privilege escalation. The vulnerability is due to improp...

Cisco Prime Infrastructure Elevation of Privilege Vulnerability (CNVD-2018-02043)

Cisco Prime Infrastructure PI is a set of Cisco Prime LAN Management Solution LMS and Cisco Prime Network Control System NCS technologies for wireless management. solution. An elevation of privilege vulnerability exists in Role-Based Access Control RBAC in Cisco Prime Infrastructure, which stems...

Design/Logic Flaw

A vulnerability in the role-based access control RBAC functionality of Cisco Prime Infrastructure could allow an authenticated, remote attacker to perform a privilege escalation in which one virtual domain user can view and modify another virtual domain configuration. The vulnerability is due to ...

CVE-2018-0096

A vulnerability in the role-based access control RBAC functionality of Cisco Prime Infrastructure could allow an authenticated, remote attacker to perform a privilege escalation in which one virtual domain user can view and modify another virtual domain configuration. The vulnerability is due to ...

CVE-2018-0096

A vulnerability in the role-based access control RBAC functionality of Cisco Prime Infrastructure could allow an authenticated, remote attacker to perform a privilege escalation in which one virtual domain user can view and modify another virtual domain configuration. The vulnerability is due to ...