Fortimanager Firmware Security Vulnerabilities and Issues — Fortimanager Firmware CVE List

Lucene search

FortinetFortimanager Firmware

6 matches found

CVE•added 2017/05/27 12:29 a.m.•47 views

CVE-2017-3126

An Open Redirect vulnerability in Fortinet FortiAnalyzer 5.4.0 through 5.4.2 and FortiManager 5.4.0 through 5.4.2 allows attacker to execute unauthorized code or commands via the next parameter.

6.1CVSS6.5AI score0.00244EPSS

CVE•added 2017/08/22 3:29 p.m.•46 views

CVE-2015-3617

Fortinet FortiManager 5.0 before 5.0.11 and 5.2 before 5.2.2 allow local users to gain privileges via crafted CLI commands.

7.8CVSS7.6AI score0.0016EPSS

CVE•added 2017/02/13 3:59 p.m.•40 views

CVE-2016-8495

An improper certificate validation vulnerability in Fortinet FortiManager 5.0.6 through 5.2.7 and 5.4.0 through 5.4.1 allows remote attacker to spoof a trusted entity by using a man-in-the-middle (MITM) attack via the Fortisandbox devices probing feature.

7.4CVSS7.2AI score0.00128EPSS

CVE•added 2017/08/11 9:29 p.m.•35 views

CVE-2015-3614

Fortinet FortiManager 5.0.x before 5.0.11, 5.2.x before 5.2.2 allows remote attackers to obtain arbitrary files via vectors involving another unspecified vulnerability.

7.5CVSS7.4AI score0.0032EPSS

CVE•added 2017/08/11 9:29 p.m.•32 views

CVE-2015-3615

Cross-site scripting (XSS) vulnerability in Fortinet FortiManager 5.0.x before 5.0.11, 5.2.x before 5.2.2 allows remote authenticated users to inject arbitrary web script or HTML via vectors involving unspecified parameters and a privilege escalation attack.

5.4CVSS5.3AI score0.00179EPSS

CVE•added 2017/08/11 9:29 p.m.•31 views

CVE-2015-3616

SQL injection vulnerability in Fortinet FortiManager 5.0.x before 5.0.11, 5.2.x before 5.2.2 allows remote attackers to execute arbitrary commands via unspecified parameters.

9.8CVSS9.9AI score0.00843EPSS