Fortiedr@* Security Vulnerabilities and Issues — Fortiedr@* CVE List

Lucene search

FortinetFortiedr*

4 matches found

CVE•added 2022/07/19 2:15 p.m.•56 views

CVE-2022-29057

A improper neutralization of input during web page generation ('cross-site scripting') in Fortinet FortiEDR version 5.1.0, 5.0.0 through 5.0.3 Patch 6 and 4.0.0 allows a remote authenticated attacker to perform a reflected cross site scripting attack (XSS) by injecting malicious payload into the Ma...

5.4CVSS5AI score0.002EPSS

CVE•added 2023/11/14 6:15 p.m.•49 views

CVE-2023-44248

An improper access control vulnerability [CWE-284] in FortiEDRCollectorWindows version 5.2.0.4549 and below, 5.0.3.1007 and below, 4.0 all may allow a local attacker to prevent the collector service to start in the next system reboot by tampering with some registry keys of the service.

5.5CVSS5.3AI score0.0004EPSS

CVE•added 2022/11/02 12:15 p.m.•41 views

CVE-2022-39949

An improper control of a resource through its lifetime vulnerability [CWE-664] in FortiEDR CollectorWindows 4.0.0 through 4.1, 5.0.0 through 5.0.3.751, 5.1.0 may allow a privileged user to terminate the FortiEDR processes with special tools and bypass the EDR protection.

5.5CVSS5.4AI score0.00007EPSS

CVE•added 2023/10/13 3:15 p.m.•36 views

CVE-2023-33303

A insufficient session expiration in Fortinet FortiEDR version 5.0.0 through 5.0.1 allows attacker to execute unauthorized code or commands via api request

8.1CVSS8.2AI score0.00082EPSS