Fortiauthenticator
by Fortinet
CVEs (24)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2015-1457 | 0.00 | — | 0.00 | Feb 3, 2015 | Fortinet FortiAuthenticator 3.0.0 allows local users to read arbitrary files via the -f flag to the dig command. | |||
| CVE-2015-1456 | 0.00 | — | 0.01 | Feb 3, 2015 | Fortinet FortiAuthenticator 3.0.0 logs the PostgreSQL usernames and passwords in cleartext, which allows remote administrators to obtain sensitive information by reading the log at debug/startup/. | |||
| CVE-2015-1455 | 0.00 | — | 0.03 | Feb 3, 2015 | Fortinet FortiAuthenticator 3.0.0 has a password of (1) slony for the slony PostgreSQL user and (2) www-data for the www-data PostgreSQL user, which makes it easier for remote attackers to obtain access via unspecified vectors. | |||
| CVE-2013-6990 | 0.00 | — | 0.01 | Apr 30, 2014 | FortiGuard FortiAuthenticator before 3.0 allows remote administrators to gain privileges via the command line interface. |
- CVE-2015-1457Feb 3, 2015risk 0.00cvss —epss 0.00
Fortinet FortiAuthenticator 3.0.0 allows local users to read arbitrary files via the -f flag to the dig command.
- CVE-2015-1456Feb 3, 2015risk 0.00cvss —epss 0.01
Fortinet FortiAuthenticator 3.0.0 logs the PostgreSQL usernames and passwords in cleartext, which allows remote administrators to obtain sensitive information by reading the log at debug/startup/.
- CVE-2015-1455Feb 3, 2015risk 0.00cvss —epss 0.03
Fortinet FortiAuthenticator 3.0.0 has a password of (1) slony for the slony PostgreSQL user and (2) www-data for the www-data PostgreSQL user, which makes it easier for remote attackers to obtain access via unspecified vectors.
- CVE-2013-6990Apr 30, 2014risk 0.00cvss —epss 0.01
FortiGuard FortiAuthenticator before 3.0 allows remote administrators to gain privileges via the command line interface.
Page 2 of 2