Lucene search
K
FortinetRecent

649 matches found

Fortinet
Fortinet
added 2022/04/05 12:0 a.m.50 views

FortiWAN - Stored Cross-site scripting in log viewer

An improper neutralization of input during web page generation vulnerability CWE-79 in FortiWAN may allow an attacker to perform a stored cross-site scripting attack via specifically crafted HTTP requests...

4.3CVSS5.7AI score0.00682EPSS
Exploits0Affected Software1
Fortinet
Fortinet
added 2022/04/05 12:0 a.m.43 views

FortiWAN - Improper cryptographic operations in Dynamic Tunnel Protocol

A use of a broken or risky cryptographic algorithm vulnerability CWE-327 in the Dynamic Tunnel Protocol of FortiWAN may allow an unauthenticated remote attacker to decrypt and forge protocol communication messages...

6.4CVSS6.5AI score0.00549EPSS
Exploits0Affected Software1
Fortinet
Fortinet
added 2022/04/05 12:0 a.m.42 views

FortiEDR - Insecure RSA key transport

A use of hard-coded cryptographic key vulnerability CWE-321 in FortiEDR may allow an unauthenticated attacker on the network to disguise as and forge messages from other collectors...

6.4CVSS8.8AI score0.00897EPSS
Exploits0Affected Software1
Fortinet
Fortinet
added 2022/04/05 12:0 a.m.68 views

FortiWAN - Pervasive SQL injection

Multiple improper neutralization of special elements used in an SQL command vulnerabilities in FortiWAN may allow an unauthenticated attacker to execute unauthorized code or commands via specifically crafted HTTP requests...

7.5CVSS10AI score0.0149EPSS
Exploits0Affected Software1
Fortinet
Fortinet
added 2022/04/05 12:0 a.m.48 views

FortiWAN - Use of hardcoded salt for password hashing

A use of a one-way hash with a predictable salt vulnerability CWE-760 in FortiWAN may allow an attacker who has previously come in possession of the password file to potentially guess passwords therein stored...

5CVSS7.4AI score0.00397EPSS
Exploits0Affected Software1
Fortinet
Fortinet
added 2022/04/05 12:0 a.m.63 views

FortiClient (Linux) - external access to confighandler webserver

An exposure of sensitive information to an unauthorized actor vulnerability CWE-200 in FortiClient for Linux may allow an unauthenticated attacker to access the confighandler webserver via external binaries...

5CVSS4.4AI score0.00888EPSS
Exploits0Affected Software1
Fortinet
Fortinet
added 2022/04/05 12:0 a.m.44 views

FortiEDR - Hardcoded AES key enable disabling local Collector

A use of hard-coded cryptographic key vulnerability CWE-321 in the registration mechanism of FortiEDR collectors may allow a local attacker to disable and uninstall the collectors from the end-points within the same deployment...

4.6CVSS7.1AI score0.0019EPSS
Exploits0Affected Software1
Fortinet
Fortinet
added 2022/04/05 12:0 a.m.44 views

FortiWLC - Access of Uninitialized Pointer vulnerability

An access of uninitialized pointer CWE-824 vulnerability in FortiWLC may allow a local and authenticated attacker to crash the access point being managed by the controller by executing a crafted CLI command...

5AI score0.0016EPSS
Exploits0Affected Software1
Fortinet
Fortinet
added 2022/04/05 12:0 a.m.53 views

FortiEDR - Denial of service due to folder access permission change

An improper control of a resource through its lifetime CWE-664 vulnerability in FortiEDR Collector may allow a privileged attacker to make the application unresponsive via changing its root directory access permission...

2.1CVSS5.2AI score0.00208EPSS
Exploits0Affected Software1
Fortinet
Fortinet
added 2022/04/05 12:0 a.m.97 views

FortiClient (Windows) - privilege escalation in online installer due to incorrect working directory

An improper initialization CWE-665 vulnerability in FortiClient Windows may allow a local attacker to gain administrative privileges via placing a malicious executable inside the FortiClient installer's directory...

4.6CVSS5.3AI score0.00373EPSS
Exploits0Affected Software1
Fortinet
Fortinet
added 2022/04/01 12:0 a.m.333 views

CVE-2022-22965 and CVE-2022-22963 vulnerabilities

Two distinct spring project vulnerabilities where released recently with critical CVSS score and classified as zero-Day attacks. The two vulnerabilities are currently known as : CVE-2022-22965 or Spring4Shell: A Spring MVC or Spring WebFlux application running on JDK 9+ may be vulnerable to remot...

7.5CVSS8.5AI score0.99939EPSS
Exploits133Affected Software1
Fortinet
Fortinet
added 2022/04/01 12:0 a.m.105 views

Protect

A security advisory was released affecting  the version of OpenSSL library used in some Fortinet products:...

5CVSS8AI score0.70561EPSS
Exploits2Affected Software26
Fortinet
Fortinet
added 2022/03/01 12:0 a.m.84 views

FortiMail - Administrative authentication bypass

An improper authentication vulnerability CWE-287 in FortiMail may allow a remote attacker to efficiently guess one administrative account's authentication token by means of the observation of certain system's properties...

7.5CVSS9AI score0.01449EPSS
Exploits0Affected Software1
Fortinet
Fortinet
added 2022/03/01 12:0 a.m.40 views

FortiWLM - Path traversal vulnerability

Multiple relative path traversal vulnerabilities CWE-23 in FortiWLM management interface may allow an authenticated attacker to retrieve arbitrary files from the underlying filesystem via specially crafted web requests...

4CVSS5.6AI score0.00547EPSS
Exploits0Affected Software1
Fortinet
Fortinet
added 2022/03/01 12:0 a.m.56 views

FortiToken Mobile (Android) - Deny request approved from External push notification

An improper access control vulnerability CWE-284 in FortiToken Mobile Android external push notification may allow a remote attacker having already obtained a user's password to access the protected system during the 2FA procedure, even though the deny button is clicked by the legitimate user...

3.5CVSS3.2AI score0.00636EPSS
Exploits0Affected Software1
Fortinet
Fortinet
added 2022/03/01 12:0 a.m.48 views

FortiWLM - command Injection in script handlers

An improper neutralization of special elements used in an OS command 'OS Command Injection' CWE-78 vulnerability in FortiWLM may allow an authenticated attacker to execute arbitrary shell commands via crafted HTTP requests to the alarm dashboard and controller config handlers...

9CVSS4.2AI score0.01639EPSS
Exploits0Affected Software1
Fortinet
Fortinet
added 2022/03/01 12:0 a.m.63 views

FortiWLM - SQL Injection in AP report handlers

An improper neutralization of special elements used in an SQL command 'SQL Injection' vulnerability CWE-89 in FortiWLM may allow an authenticated attacker to alter the query logic and execute arbitrary SQL statements via crafted HTTP requests to the AP monitor handlers...

6.5CVSS5.8AI score0.00798EPSS
Exploits0Affected Software1
Fortinet
Fortinet
added 2022/03/01 12:0 a.m.27 views

FortiMail - Unsafe handling of CGI environment parameters in web server framework

An improper input validation CWE-20 vulnerability in the web server CGI facilities of FortiMail may allow an unauthenticated attacker to alter the environment of the underlying script interpreter via specifically crafted HTTP requests...

7.5CVSS8.9AI score0.01038EPSS
Exploits0Affected Software1
Fortinet
Fortinet
added 2022/03/01 12:0 a.m.103 views

FortiManager --- Password observed in cleartext in the config conflict file

An exposure of sensitive system information to an unauthorized control sphere vulnerability CWE-497 in FortiManager may allow a low privileged authenticated user to gain access to the FortiGate users credentials via the config conflict file...

2.1CVSS5.5AI score0.0021EPSS
Exploits0Affected Software1
Fortinet
Fortinet
added 2022/03/01 12:0 a.m.69 views

Protect

An exposure of sensitive information to an unauthorized actor vulnerability CWE-200 in FortiOS may allow a privileged attacker to disclose sensitive information via SNI Client Hello TLS packets...

4CVSS4.8AI score0.00641EPSS
Exploits0Affected Software1
Fortinet
Fortinet
added 2022/03/01 12:0 a.m.43 views

FortiAP-C - Command injection in CLI

An improper neutralization of special elements used in an OS Command vulnerability CWE-78 in FortiAP-C console may allow an authenticated attacker to execute unauthorized commands by running CLI commands with specifically crafted arguments...

4.6CVSS7.6AI score0.00281EPSS
Exploits0Affected Software1
Fortinet
Fortinet
added 2022/03/01 12:0 a.m.33 views

FortiAnalyzer, FortiManager - bypass of client-side password change policy enforcement

An improper handling of insufficient permissions or privileges vulnerability CWE-280 in FortiAnalyzer and FortiManager may allow an authenticated attacker to bypass the device policy and force the password-change action for its user...

6.5CVSS8.3AI score0.00897EPSS
Exploits0Affected Software2
Fortinet
Fortinet
added 2022/03/01 12:0 a.m.64 views

FortiPortal - Insecure password generation

The use of a cryptographically weak pseudo-random number generator CWE-338 in the password reset feature of FortiPortal may allow a remote unauthenticated attacker to predict parts of or the whole newly generated password within a given time frame...

6.8CVSS8AI score0.01136EPSS
Exploits0Affected Software1
Fortinet
Fortinet
added 2022/02/01 12:0 a.m.80 views

FortiExtender - Arbitrary command execution because of missing CLI input sanitization

An improper neutralization of special elements used in a command vulnerability 'Command Injection' CWE-77 in FortiExtender may allow an authenticated user to raise its privileges to admin user via crafted arguments of the execute CLI command...

9CVSS5.9AI score0.01055EPSS
Exploits0Affected Software1
Fortinet
Fortinet
added 2022/02/01 12:0 a.m.32 views

FortiWeb - Stack-based buffer overflow in command line interpreter

Multiple stack-based buffer overflows CWE-121 in the command line interpreter of FortiWeb may allow an authenticated attacker to achieve arbitrary code execution via specially crafted commands...

6.5CVSS7.4AI score0.00816EPSS
Exploits0Affected Software1
Fortinet
Fortinet
added 2022/02/01 12:0 a.m.19 views

FortiWeb - arbitrary file/directory deletion

An improper limitation of a pathname to a restricted directory 'Path Traversal' vulnerability CWE-22 in FortiWeb management interface may allow an authenticated attacker to perform an arbitrary file and directory deletion in the device filesystem...

8.5CVSS5.3AI score0.0113EPSS
Exploits0Affected Software1
Fortinet
Fortinet
added 2022/02/01 12:0 a.m.41 views

FortiWeb - OS command injection due to direct input interpolation in API controllers

An improper neutralization of special elements used in an OS command 'OS Command Injection' vulnerability CWE-78 in FortiWeb may allow an authenticated attacker to execute arbitrary code or commands via crafted HTTP requests to ApplicationDelivery, JsonProtection and WebProtection controllers...

6.5CVSS9AI score0.01386EPSS
Exploits0Affected Software1
Fortinet
Fortinet
added 2022/02/01 12:0 a.m.70 views

FortiMail - reflected cross-site scripting vulnerability in FortiGuard URI protection

An improper neutralization of input during web page generation vulnerability 'Cross-site Scripting' CWE-79 in FortiMail may allow an unauthenticated attacker to perform an XSS attack via crafted HTTP GET requests to the FortiGuard URI protection service...

4.3CVSS1.4AI score0.12936EPSS
Exploits5Affected Software1
Fortinet
Fortinet
added 2022/02/01 12:0 a.m.32 views

FortiWeb - OS command injection due to unsafe input validation function

An improper neutralization of special elements used in an OS command vulnerability 'OS Command Injection' CWE-78 in FortiWeb may allow authenticated users to execute unauthorized code or commands via crafted HTTP GET requests to WAD configuration handlers...

9CVSS8.5AI score0.03323EPSS
Exploits0Affected Software1
Fortinet
Fortinet
added 2022/02/01 12:0 a.m.32 views

FortiAuthenticator - Improper access control in HA service

An improper access control vulnerability CWE-284 in FortiAuthenticator HA service may allow an attacker on the same vlan as the HA management interface to make an unauthenticated direct connection to the FAC's database...

3.3CVSS5.2AI score0.00301EPSS
Exploits0Affected Software1
Fortinet
Fortinet
added 2021/12/28 12:0 a.m.74 views

Multiple Apache Vulnerabilities fixed in 2.4.52

The Apache project released an advisory, describing the following vulnerabilities:...

7.5CVSS2.4AI score0.97108EPSS
Exploits4
Fortinet
Fortinet
added 2021/12/12 12:0 a.m.185 views

Apache log4j2 log messages substitution (CVE-2021-44228)

Apache Log4j =2.14.1 JNDI features used in configuration, log messages, and parameters do not protect against attacker controlled LDAP and other JNDI related endpoints. An attacker who can control log messages or log message parameters can execute arbitrary code loaded from LDAP servers when...

9.3CVSS5AI score0.99999EPSS
Exploits354Affected Software2
Fortinet
Fortinet
added 2021/12/07 12:0 a.m.28 views

FortiWLC - Improper authenticated access control

An improper access control vulnerability CWE-284 in FortiWLC may allow an authenticated and remote attacker with low privileges to execute any command as an admin user with full access rights via bypassing the GUI restrictions...

9CVSS5.7AI score0.01954EPSS
Exploits0Affected Software1
Fortinet
Fortinet
added 2021/12/07 12:0 a.m.26 views

FortiSandbox, FortiWeb, FortiADC, FortiMail - Multiple cryptographic flaws allow for full LDAP and RADIUS passwords compromise

A missing cryptographic steps vulnerability CWE-325 in the function that encrypts users' LDAP and RADIUS credentials in FortiSandbox, FortiWeb, FortiADC, and FortiMail may allow an attacker in possession of the password store to compromise the confidentiality of the encrypted secrets.Â...

2.6CVSS5.6AI score0.00902EPSS
Exploits0Affected Software4
Fortinet
Fortinet
added 2021/12/07 12:0 a.m.49 views

FortiWeb - Reflected cross-site scripting in error controllers

Multiple improper neutralization of input during web page generation 'Cross-site Scripting' CWE-79 in FortiWeb may allow an unauthenticated user to inject malicious javascript code into the response webpage via crafted requests to device's error handlers...

4.3CVSS6.5AI score0.00652EPSS
Exploits0Affected Software1
Fortinet
Fortinet
added 2021/12/07 12:0 a.m.36 views

FortiNAC - improper permissions set for tomcat users configuration file

An incorrect permission assignment for a critical resource vulnerability CWE-732 in FortiNAC may allow an authenticated attacker to access sensitive system data and, as a consequence, raise the authenticated user's privilege to admin...

7.2CVSS5.8AI score0.00426EPSS
Exploits1Affected Software1
Fortinet
Fortinet
added 2021/12/07 12:0 a.m.64 views

FortiWeb - Reflected cross-site scripting in SAML login

An improper neutralization of input during web page generation vulnerability CWE-79 in FortiWeb may allow an unauthenticated attacker to perform an XSS attack via crafted HTTP GET requests to the SAML login webpage...

4.3CVSS5.9AI score0.00823EPSS
Exploits0Affected Software1
Fortinet
Fortinet
added 2021/12/07 12:0 a.m.33 views

FortiWeb - Stack-based buffer overflows in API controllers

Multiple stack-based buffer overflows CWE-121 in the API controllers of FortiWeb may allow an authenticated attacker to achieve arbitrary code execution via specially crafted requests...

6.5CVSS8.9AI score0.01397EPSS
Exploits0Affected Software1
Fortinet
Fortinet
added 2021/12/07 12:0 a.m.36 views

FortiClient EMS - SAML SSO replay attack

An authentication bypass by capture-replay vulnerability CWE-294 in FortiClient EMS may allow an unauthenticated attacker to impersonate an existing user by intercepting and re-using valid SAML authentication messages...

6.4CVSS4.9AI score0.00955EPSS
Exploits0Affected Software1
Fortinet
Fortinet
added 2021/12/07 12:0 a.m.33 views

FortiWeb - Reflected cross-site scripting vulnerability in login handler

An improper neutralization of input during web page generation vulnerability CWE-79 in FortiWeb may allow an unauthenticated attacker to perform an XSS attack via crafted HTTP GET requests to the login webpage...

4.3CVSS0.9AI score0.00885EPSS
Exploits0Affected Software1
Fortinet
Fortinet
added 2021/12/07 12:0 a.m.60 views

FortiWeb - Path traversal in API controller

Multiple relative path traversal vulnerabilities CWE-23 in the API of FortiWeb may allow an authenticated attacker to retrieve arbitrary files from the underlying filesystem via specially crafted web requests...

4CVSS5.6AI score0.0089EPSS
Exploits0Affected Software1
Fortinet
Fortinet
added 2021/12/07 12:0 a.m.38 views

FortiWeb - Open redirect in redir handler due to direct input interpolation

An URL redirection to untrusted site 'Open Redirect' CWE-601 vulnerability in FortiWeb may allow an authenticated attacker to use the device as a proxy and reach external or protected hosts via redirection handlers...

5.8CVSS4.2AI score0.0061EPSS
Exploits0Affected Software1
Fortinet
Fortinet
added 2021/12/07 12:0 a.m.53 views

Protect

A buffer overflow CWE-121 in the TFTP client library of FortiOS, may allow an authenticated local attacker to achieve arbitrary code execution via specially crafted command line arguments...

4.6CVSS7.2AI score0.00479EPSS
Exploits0Affected Software14
Fortinet
Fortinet
added 2021/12/07 12:0 a.m.79 views

Protect

A use of hard-coded cryptographic key vulnerability CWE 321 in FortiOS SSLVPN may allow an attacker to retrieve the key by reverse engineering...

5CVSS7.2AI score0.01042EPSS
Exploits0Affected Software1
Fortinet
Fortinet
added 2021/12/07 12:0 a.m.30 views

FortiNAC - Privilege Escalation via exploiting the SUDO privileges.

A privilege escalation vulnerability in FortiNAC may allow an admin user to escalate the privileges to root via the sudo command...

7.2CVSS4.5AI score0.00251EPSS
Exploits0Affected Software1
Fortinet
Fortinet
added 2021/12/07 12:0 a.m.28 views

FortiWLM - stored cross-site scripting in hotspot profile controller

An improper neutralization of input during web page generation vulnerability 'Cross-site Scripting' CWE-79 in FortiWLM may allow an authenticated attacker to perform a stored cross site scripting attack XSS via storing malicious payloads and trigger the attack on victim's client via various...

3.5CVSS2AI score0.00515EPSS
Exploits0Affected Software1
Fortinet
Fortinet
added 2021/12/07 12:0 a.m.37 views

FortiAuthenticator - "Mandatory password and OTP" setting not enforcing OTP on unimported remote users

An incorrect implementation of authentication algorithm vulnerability CWE-303 in FortiAuthenticator may allow an user whose LDAP account is unimported to bypass the second factor of authentication via a RADIUS login portal...

5.5CVSS7.9AI score0.00565EPSS
Exploits0Affected Software1
Fortinet
Fortinet
added 2021/12/07 12:0 a.m.18 views

FortiWeb - Multiple vulnerabilities in the authentication mechanism of confd

Multiple vulnerabilities in the authentication mechanism of FortiWeb's confd, including an instance of concurrent execution using shared resource with improper synchronization CWE-362 and one of authentication bypass by capture-replay CWE-294, may allow a remote unauthenticated attacker to...

2.8AI score
Exploits0Affected Software2
Fortinet
Fortinet
added 2021/12/07 12:0 a.m.38 views

FortiWeb - Confused deputy issue on SERVER_NAME causes open proxy flaw

An unintended proxy or intermediary 'Confused Deputy' CWE-441 in FortiWeb may allow an authenticated attacker to use the device as proxy to reach any protected host via crafted HTTP requests...

6.5CVSS6.1AI score0.00807EPSS
Exploits0Affected Software1
Fortinet
Fortinet
added 2021/12/07 12:0 a.m.44 views

FortiWeb - heap-based buffer overflow in API v1.0 controller

A heap-based buffer overflow CWE-122 vulnerability in FortiWeb may allow an authenticated attacker to execute arbitrary code or commands via crafted HTTP requests to the LogAccess and LogReport API controller...

6.5CVSS3.9AI score0.0122EPSS
Exploits0Affected Software1
Total number of security vulnerabilities649