VYPR

Vendor CVEs

Fortinet

All CVEs

1,127 total · sorted by risk
  • CVE-2021-26097Aug 4, 2021
    risk 0.00cvss epss 0.01

    An improper neutralization of special elements used in an OS Command vulnerability in FortiSandbox 3.2.0 through 3.2.2, 3.1.0 through 3.1.4, and 3.0.0 through 3.0.6 may allow an authenticated attacker with access to the web GUI to execute unauthorized code or commands via…

  • CVE-2021-32596Aug 4, 2021
    risk 0.00cvss epss 0.00

    A use of one-way hash with a predictable salt vulnerability in the password storing mechanism of FortiPortal 6.0.0 through 6.04 may allow an attacker already in possession of the password store to decrypt the passwords by means of precomputed tables.

  • CVE-2020-29011Aug 4, 2021
    risk 0.00cvss epss 0.01

    Instances of SQL Injection vulnerabilities in the checksum search and MTA-quarantine modules of FortiSandbox 3.2.0 through 3.2.2, and 3.1.0 through 3.1.4 may allow an authenticated attacker to execute unauthorized code on the underlying SQL interpreter via specifically crafted…

  • CVE-2021-36168Aug 4, 2021
    risk 0.00cvss epss 0.01

    A Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') in Fortinet FortiPortal 6.x before 6.0.5, FortiPortal 5.3.x before 5.3.6 and any FortiPortal before 6.2.5 allows authenticated attacker to disclosure information via crafted GET request with…

  • CVE-2021-24010Aug 4, 2021
    risk 0.00cvss epss 0.01

    Improper limitation of a pathname to a restricted directory vulnerabilities in FortiSandbox 3.2.0 through 3.2.2, and 3.1.0 through 3.1.4 may allow an authenticated user to obtain unauthorized access to files and data via specifially crafted web requests.

  • CVE-2021-24018Aug 4, 2021
    risk 0.00cvss epss 0.01

    A buffer underwrite vulnerability in the firmware verification routine of FortiOS before 7.0.1 may allow an attacker located in the adjacent network to potentially execute arbitrary code via a specifically crafted firmware image.

  • CVE-2021-32590Aug 4, 2021
    risk 0.00cvss epss 0.02

    Multiple improper neutralization of special elements used in an SQL command vulnerabilities in FortiPortal 6.0.0 through 6.0.4, 5.3.0 through 5.3.5, 5.2.0 through 5.2.5, and 4.2.2 and earlier may allow an attacker with regular user's privileges to execute arbitrary commands on…

  • CVE-2021-32594Aug 4, 2021
    risk 0.00cvss epss 0.01

    An unrestricted file upload vulnerability in the web interface of FortiPortal 6.0.0 through 6.0.4, 5.3.0 through 5.3.5, 5.2.0 through 5.2.5, and 4.2.2 and earlier may allow a low-privileged user to potentially tamper with the underlying system's files via the upload of…

  • CVE-2021-26098Aug 4, 2021
    risk 0.00cvss epss 0.01

    An instance of small space of random values in the RPC API of FortiSandbox before 4.0.0 may allow an attacker in possession of a few information pieces about the state of the device to possibly predict valid session IDs.

  • CVE-2021-26095Jul 20, 2021
    risk 0.00cvss epss 0.01

    The combination of various cryptographic issues in the session management of FortiMail 6.4.0 through 6.4.4 and 6.2.0 through 6.2.6, including the encryption construction of the session cookie, may allow a remote attacker already in possession of a cookie to possibly reveal and…

  • CVE-2021-24022Jul 20, 2021
    risk 0.00cvss epss 0.00

    A buffer overflow vulnerability in FortiAnalyzer CLI 6.4.5 and below, 6.2.7 and below, 6.0.x and FortiManager CLI 6.4.5 and below, 6.2.7 and below, 6.0.x may allow an authenticated, local attacker to perform a Denial of Service attack by running the `diagnose system geoip-city`…

  • CVE-2021-22125Jul 20, 2021
    risk 0.00cvss epss 0.01

    An instance of improper neutralization of special elements in the sniffer module of FortiSandbox before 3.2.2 may allow an authenticated administrator to execute commands on the underlying system's shell via altering the content of its configuration file.

  • CVE-2021-24013Jul 12, 2021
    risk 0.00cvss epss 0.01

    Multiple Path traversal vulnerabilities in the Webmail of FortiMail before 6.4.4 may allow a regular user to obtain unauthorized access to files and data via specifically crafted web requests.

  • CVE-2021-24015Jul 12, 2021
    risk 0.00cvss epss 0.01

    An improper neutralization of special elements used in an OS Command vulnerability in the administrative interface of FortiMail before 6.4.4 may allow an authenticated attacker to execute unauthorized commands via specifically crafted HTTP requests.

  • CVE-2021-26088Jul 12, 2021
    risk 0.00cvss epss 0.01

    An improper authentication vulnerability in FSSO Collector version 5.0.295 and below may allow an unauthenticated user to bypass a FSSO firewall policy and access the protected network via sending specifically crafted UDP login notification packets.

  • CVE-2021-26090Jul 12, 2021
    risk 0.00cvss epss 0.01

    A missing release of memory after its effective lifetime vulnerability in the Webmail of FortiMail 6.4.0 through 6.4.4 and 6.2.0 through 6.2.6 may allow an unauthenticated remote attacker to exhaust available memory via specifically crafted login requests.

  • CVE-2021-26089Jul 12, 2021
    risk 0.00cvss epss 0.00

    An improper symlink following in FortiClient for Mac 6.4.3 and below may allow an non-privileged user to execute arbitrary privileged shell commands during installation phase.

  • CVE-2021-26099Jul 12, 2021
    risk 0.00cvss epss 0.01

    Missing cryptographic steps in the Identity-Based Encryption service of FortiMail before 7.0.0 may allow an attacker who comes in possession of the encrypted master keys to compromise their confidentiality by observing a few invariant properties of the ciphertext.

  • CVE-2021-24007Jul 9, 2021
    risk 0.00cvss epss 0.01

    Multiple improper neutralization of special elements of SQL commands vulnerabilities in FortiMail before 6.4.4 may allow a non-authenticated attacker to execute unauthorized code or commands via specifically crafted HTTP requests.

  • CVE-2021-26106Jul 9, 2021
    risk 0.00cvss epss 0.00

    An improper neutralization of special elements used in an OS Command vulnerability in FortiAP's console 6.4.1 through 6.4.5 and 6.2.4 through 6.2.5 may allow an authenticated attacker to execute unauthorized commands by running the kdbg CLI command with specifically crafted…

  • CVE-2021-22129Jul 9, 2021
    risk 0.00cvss epss 0.01

    Multiple instances of incorrect calculation of buffer size in the Webmail and Administrative interface of FortiMail before 6.4.5 may allow an authenticated attacker with regular webmail access to trigger a buffer overflow and to possibly execute unauthorized code or commands via…

  • CVE-2020-29014Jul 9, 2021
    risk 0.00cvss epss 0.01

    A concurrent execution using shared resource with improper synchronization ('race condition') in the command shell of FortiSandbox before 3.2.2 may allow an authenticated attacker to bring the system into an unresponsive state via specifically orchestrated sequences of commands.

  • CVE-2021-26100Jul 9, 2021
    risk 0.00cvss epss 0.00

    A missing cryptographic step in the Identity-Based Encryption service of FortiMail before 7.0.0 may allow an unauthenticated attacker who intercepts the encrypted messages to manipulate them in such a way that makes the tampering and the recovery of the plaintexts possible.

  • CVE-2021-24020Jul 9, 2021
    risk 0.00cvss epss 0.01

    A missing cryptographic step in the implementation of the hash digest algorithm in FortiMail 6.4.0 through 6.4.4, and 6.2.0 through 6.2.7 may allow an unauthenticated attacker to tamper with signed URLs by appending further data which allows bypass of signature verification.

  • CVE-2021-24005Jul 6, 2021
    risk 0.00cvss epss 0.01

    Usage of hard-coded cryptographic keys to encrypt configuration files and debug logs in FortiAuthenticator versions before 6.3.0 may allow an attacker with access to the files or the CLI configuration to decrypt the sensitive data, via knowledge of the hard-coded key.

  • CVE-2021-24023Jun 3, 2021
    risk 0.00cvss epss 0.01

    An improper input validation in FortiAI v1.4.0 and earlier may allow an authenticated user to gain system shell access via a malicious payload in the "diagnose" command.

  • CVE-2021-22130Jun 3, 2021
    risk 0.00cvss epss 0.01

    A stack-based buffer overflow vulnerability in FortiProxy physical appliance CLI 2.0.0 to 2.0.1, 1.2.0 to 1.2.9, 1.1.0 to 1.1.6, 1.0.0 to 1.0.7 may allow an authenticated, remote attacker to perform a Denial of Service attack by running the `diagnose sys cpuset` with a large…

  • CVE-2021-24012Jun 2, 2021
    risk 0.00cvss epss 0.00

    An improper following of a certificate's chain of trust vulnerability in FortiGate versions 6.4.0 to 6.4.4 may allow an LDAP user to connect to SSLVPN with any certificate that is signed by a trusted Certificate Authority.

  • CVE-2020-6641Jun 2, 2021
    risk 0.00cvss epss 0.01

    Two authorization bypass through user-controlled key vulnerabilities in the Fortinet FortiPresence 2.1.0 administration interface may allow an attacker to gain access to some user data via portal manager or portal users parameters.

  • CVE-2021-26111Jun 1, 2021
    risk 0.00cvss epss 0.00

    A missing release of memory after effective lifetime vulnerability in FortiSwitch 6.4.0 to 6.4.6, 6.2.0 to 6.2.6, 6.0.0 to 6.0.6, 3.6.11 and below may allow an attacker on an adjacent network to exhaust available memory by sending specifically crafted LLDP/CDP/EDP packets to the…

  • CVE-2021-24011May 10, 2021
    risk 0.00cvss epss 0.01

    A privilege escalation vulnerability in FortiNAC version below 8.8.2 may allow an admin user to escalate the privileges to root by abusing the sudo privileges.

  • CVE-2019-17656Apr 12, 2021
    risk 0.00cvss epss 0.02

    A Stack-based Buffer Overflow vulnerability in the HTTPD daemon of FortiOS 6.0.10 and below, 6.2.2 and below and FortiProxy 1.0.x, 1.1.x, 1.2.9 and below, 2.0.0 and below may allow an authenticated remote attacker to crash the service by sending a malformed PUT request to the…

  • CVE-2021-24024Apr 12, 2021
    risk 0.00cvss epss 0.01

    A clear text storage of sensitive information into log file vulnerability in FortiADCManager 5.3.0 and below, 5.2.1 and below and FortiADC 5.3.7 and below may allow a remote authenticated attacker to read other local users' password in log files.

  • CVE-2020-15942Apr 12, 2021
    risk 0.00cvss epss 0.01

    An information disclosure vulnerability in Web Vulnerability Scan profile of Fortinet's FortiWeb version 6.2.x below 6.2.4 and version 6.3.x below 6.3.5 may allow a remote authenticated attacker to read the password used by the FortiWeb scanner to access the device defined in…

  • CVE-2020-15938Mar 4, 2021
    risk 0.00cvss epss 0.01

    When traffic other than HTTP/S (eg: SSH traffic, etc...) traverses the FortiGate in version below 6.2.5 and below 6.4.2 on port 80/443, it is not redirected to the transparent proxy policy for processing, as it doesn't have a valid HTTP header.

  • CVE-2021-22128Mar 4, 2021
    risk 0.00cvss epss 0.01

    An improper access control vulnerability in FortiProxy SSL VPN portal 2.0.0, 1.2.9 and below versions may allow an authenticated, remote attacker to access internal service such as the ZebOS Shell on the FortiProxy appliance through the Quick Connection functionality.

  • CVE-2020-15937Mar 3, 2021
    risk 0.00cvss epss 0.01

    An improper neutralization of input vulnerability in FortiGate version 6.2.x below 6.2.5 and 6.4.x below 6.4.1 may allow a remote attacker to perform a stored cross site scripting attack (XSS) via the IPS and WAF logs dashboard.

  • CVE-2020-6649Feb 8, 2021
    risk 0.00cvss epss 0.02

    An insufficient session expiration vulnerability in FortiNet's FortiIsolator version 2.0.1 and below may allow an attacker to reuse the unexpired admin user session IDs to gain admin privileges, should the attacker be able to obtain that session ID (via other, hypothetical…

  • CVE-2020-29015Jan 14, 2021
    risk 0.00cvss epss 0.03

    A blind SQL injection in the user interface of FortiWeb 6.3.0 through 6.3.7 and version before 6.2.4 may allow an unauthenticated, remote attacker to execute arbitrary SQL queries or commands by sending a request with a crafted Authorization header containing a malicious SQL…

  • CVE-2020-29018Jan 14, 2021
    risk 0.00cvss epss 0.02

    A format string vulnerability in FortiWeb 6.3.0 through 6.3.5 may allow an authenticated, remote attacker to read the content of memory and retrieve sensitive data via the redir parameter.

  • CVE-2020-29016Jan 14, 2021
    risk 0.00cvss epss 0.03

    A stack-based buffer overflow vulnerability in FortiWeb 6.3.0 through 6.3.5 and version before 6.2.4 may allow an unauthenticated, remote attacker to overwrite the content of the stack and potentially execute arbitrary code by sending a crafted request with a large certname.

  • CVE-2020-29017Jan 14, 2021
    risk 0.00cvss epss 0.04

    An OS command injection vulnerability in FortiDeceptor 3.1.0, 3.0.1, 3.0.0 may allow a remote authenticated attacker to execute arbitrary commands on the system by exploiting a command injection vulnerability on the Customization page.

  • CVE-2020-29019Jan 14, 2021
    risk 0.00cvss epss 0.02

    A stack-based buffer overflow vulnerability in FortiWeb 6.3.0 through 6.3.7 and version before 6.2.4 may allow a remote, unauthenticated attacker to crash the httpd daemon thread by sending a request with a crafted cookie header.

  • CVE-2020-6648Oct 21, 2020
    risk 0.00cvss epss 0.01

    A cleartext storage of sensitive information vulnerability in FortiOS command line interface in versions 6.2.4 and earlier and FortiProxy 2.0.0, 1.2.9 and earlier may allow an authenticated attacker to obtain sensitive information such as users passwords by connecting to…

  • CVE-2020-12811Sep 24, 2020
    risk 0.00cvss epss 0.01

    An improper neutralization of script-related HTML tags in a web page in FortiManager 6.2.0, 6.2.1, 6.2.2, and 6.2.3and FortiAnalyzer 6.2.0, 6.2.1, 6.2.2, and 6.2.3 may allow an attacker to execute a cross site scripting (XSS) via the Identify Provider name field.

  • CVE-2020-12815Sep 24, 2020
    risk 0.00cvss epss 0.01

    An improper neutralization of input vulnerability in FortiTester before 3.9.0 may allow a remote authenticated attacker to inject script related HTML tags via IPv4/IPv6 address fields.

  • CVE-2020-12817Sep 24, 2020
    risk 0.00cvss epss 0.02

    An improper neutralization of input vulnerability in FortiAnalyzer before 6.4.1 and 6.2.5 may allow a remote authenticated attacker to inject script related HTML tags via Name parameter of Storage Connectors.

  • CVE-2020-12818Sep 24, 2020
    risk 0.00cvss epss 0.01

    An insufficient logging vulnerability in FortiGate before 6.4.1 may allow the traffic from an unauthenticated attacker to Fortinet owned IP addresses to go unnoticed.

  • CVE-2020-12816Sep 24, 2020
    risk 0.00cvss epss 0.01

    An improper neutralization of input vulnerability in FortiNAC before 8.7.2 may allow a remote authenticated attacker to perform a stored cross site scripting attack (XSS) via the UserID of Admin Users.

  • CVE-2020-6644Jun 22, 2020
    risk 0.00cvss epss 0.01

    An insufficient session expiration vulnerability in FortiDeceptor 3.0.0 and below allows an attacker to reuse the unexpired admin user session IDs to gain admin privileges, should the attacker be able to obtain that session ID via other, hypothetical attacks.

Page 20 of 23