Total
176 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2021-36173 | 1 Fortinet | 14 Fortigate-1100e, Fortigate-200f, Fortigate-2600f and 11 more | 2024-02-28 | 6.8 MEDIUM | 8.8 HIGH |
A heap-based buffer overflow in the firmware signature verification function of FortiOS versions 7.0.1, 7.0.0, 6.4.0 through 6.4.6, 6.2.0 through 6.2.9, and 6.0.0 through 6.0.13 may allow an attacker to execute arbitrary code via specially crafted installation images. | |||||
CVE-2021-26110 | 1 Fortinet | 2 Fortios, Fortiproxy | 2024-02-28 | 4.6 MEDIUM | 7.8 HIGH |
An improper access control vulnerability [CWE-284] in FortiOS autod daemon 7.0.0, 6.4.6 and below, 6.2.9 and below, 6.0.12 and below and FortiProxy 2.0.1 and below, 1.2.9 and below may allow an authenticated low-privileged attacker to escalate their privileges to super_admin via a specific crafted configuration of fabric automation CLI script and auto-script features. | |||||
CVE-2021-44168 | 1 Fortinet | 1 Fortios | 2024-02-28 | 4.6 MEDIUM | 7.8 HIGH |
A download of code without integrity check vulnerability in the "execute restore src-vis" command of FortiOS before 7.0.3 may allow a local authenticated attacker to download arbitrary files on the device via specially crafted update packages. | |||||
CVE-2021-24018 | 1 Fortinet | 1 Fortios | 2024-02-28 | 5.8 MEDIUM | 8.8 HIGH |
A buffer underwrite vulnerability in the firmware verification routine of FortiOS before 7.0.1 may allow an attacker located in the adjacent network to potentially execute arbitrary code via a specifically crafted firmware image. | |||||
CVE-2019-17656 | 1 Fortinet | 2 Fortios, Fortiproxy | 2024-02-28 | 4.0 MEDIUM | 6.5 MEDIUM |
A Stack-based Buffer Overflow vulnerability in the HTTPD daemon of FortiOS 6.0.10 and below, 6.2.2 and below and FortiProxy 1.0.x, 1.1.x, 1.2.9 and below, 2.0.0 and below may allow an authenticated remote attacker to crash the service by sending a malformed PUT request to the server. Fortinet is not aware of any successful exploitation of this vulnerability that would lead to code execution. | |||||
CVE-2021-24012 | 1 Fortinet | 1 Fortios | 2024-02-28 | 7.5 HIGH | 7.3 HIGH |
An improper following of a certificate's chain of trust vulnerability in FortiGate versions 6.4.0 to 6.4.4 may allow an LDAP user to connect to SSLVPN with any certificate that is signed by a trusted Certificate Authority. | |||||
CVE-2020-15938 | 1 Fortinet | 1 Fortios | 2024-02-28 | 4.3 MEDIUM | 7.5 HIGH |
When traffic other than HTTP/S (eg: SSH traffic, etc...) traverses the FortiGate in version below 6.2.5 and below 6.4.2 on port 80/443, it is not redirected to the transparent proxy policy for processing, as it doesn't have a valid HTTP header. | |||||
CVE-2020-12818 | 1 Fortinet | 36 Fortigate 1000d, Fortigate 100e, Fortigate 100f and 33 more | 2024-02-28 | 5.0 MEDIUM | 5.3 MEDIUM |
An insufficient logging vulnerability in FortiGate before 6.4.1 may allow the traffic from an unauthenticated attacker to Fortinet owned IP addresses to go unnoticed. | |||||
CVE-2020-6648 | 1 Fortinet | 2 Fortios, Fortiproxy | 2024-02-28 | 4.0 MEDIUM | 6.5 MEDIUM |
A cleartext storage of sensitive information vulnerability in FortiOS command line interface in versions 6.2.4 and earlier and FortiProxy 2.0.0, 1.2.9 and earlier may allow an authenticated attacker to obtain sensitive information such as users passwords by connecting to FortiGate CLI and executing the "diag sys ha checksum show" command. | |||||
CVE-2020-15937 | 1 Fortinet | 1 Fortios | 2024-02-28 | 4.3 MEDIUM | 6.1 MEDIUM |
An improper neutralization of input vulnerability in FortiGate version 6.2.x below 6.2.5 and 6.4.x below 6.4.1 may allow a remote attacker to perform a stored cross site scripting attack (XSS) via the IPS and WAF logs dashboard. | |||||
CVE-2019-6696 | 1 Fortinet | 1 Fortios | 2024-02-28 | 5.8 MEDIUM | 6.1 MEDIUM |
An improper input validation vulnerability in FortiOS 6.2.1, 6.2.0, 6.0.8 and below until 5.4.0 under admin webUI may allow an attacker to perform an URL redirect attack via a specifically crafted request to the admin initial password change webpage. | |||||
CVE-2020-12812 | 1 Fortinet | 1 Fortios | 2024-02-28 | 7.5 HIGH | 9.8 CRITICAL |
An improper authentication vulnerability in SSL VPN in FortiOS 6.4.0, 6.2.0 to 6.2.3, 6.0.9 and below may result in a user being able to log in successfully without being prompted for the second factor of authentication (FortiToken) if they changed the case of their username. | |||||
CVE-2019-17655 | 1 Fortinet | 1 Fortios | 2024-02-28 | 5.0 MEDIUM | 7.5 HIGH |
A cleartext storage in a file or on disk (CWE-313) vulnerability in FortiOS SSL VPN 6.2.0 through 6.2.2, 6.0.9 and earlier and FortiProxy 2.0.0, 1.2.9 and earlier may allow an attacker to retrieve a logged-in SSL VPN user's credentials should that attacker be able to read the session file stored on the targeted device's system. | |||||
CVE-2018-13371 | 1 Fortinet | 1 Fortios | 2024-02-28 | 6.5 MEDIUM | 8.8 HIGH |
An external control of system vulnerability in FortiOS may allow an authenticated, regular user to change the routing settings of the device via connecting to the ZebOS component. | |||||
CVE-2019-5591 | 1 Fortinet | 1 Fortios | 2024-02-28 | 3.3 LOW | 6.5 MEDIUM |
A Default Configuration vulnerability in FortiOS may allow an unauthenticated attacker on the same subnet to intercept sensitive information by impersonating the LDAP server. | |||||
CVE-2018-9195 | 1 Fortinet | 2 Forticlient, Fortios | 2024-02-28 | 4.3 MEDIUM | 5.9 MEDIUM |
Use of a hardcoded cryptographic key in the FortiGuard services communication protocol may allow a Man in the middle with knowledge of the key to eavesdrop on and modify information (URL/SPAM services in FortiOS 5.6, and URL/SPAM/AV services in FortiOS 6.0.; URL rating in FortiClient) sent and received from Fortiguard severs by decrypting these messages. Affected products include FortiClient for Windows 6.0.6 and below, FortiOS 6.0.7 and below, FortiClient for Mac OS 6.2.1 and below. | |||||
CVE-2019-15705 | 1 Fortinet | 1 Fortios | 2024-02-28 | 5.0 MEDIUM | 7.5 HIGH |
An Improper Input Validation vulnerability in the SSL VPN portal of FortiOS versions 6.2.1 and below, and 6.0.6 and below may allow an unauthenticated remote attacker to crash the SSL VPN service by sending a crafted POST request. | |||||
CVE-2019-5593 | 1 Fortinet | 1 Fortios | 2024-02-28 | 2.1 LOW | 5.5 MEDIUM |
Improper permission or value checking in the CLI console may allow a non-privileged user to obtain Fortinet FortiOS plaint text private keys of system's builtin local certificates via unsetting the keys encryption password in FortiOS 6.2.0, 6.0.0 to 6.0.6, 5.6.10 and below or for user uploaded local certificates via setting an empty password in FortiOS 6.2.1, 6.2.0, 6.0.6 and below. | |||||
CVE-2019-6693 | 1 Fortinet | 1 Fortios | 2024-02-28 | 4.0 MEDIUM | 6.5 MEDIUM |
Use of a hard-coded cryptographic key to cipher sensitive data in FortiOS configuration backup file may allow an attacker with access to the backup file to decipher the sensitive data, via knowledge of the hard-coded key. The aforementioned sensitive data includes users' passwords (except the administrator's password), private keys' passphrases and High Availability password (when set). | |||||
CVE-2019-15703 | 1 Fortinet | 1 Fortios | 2024-02-28 | 2.6 LOW | 7.5 HIGH |
An Insufficient Entropy in PRNG vulnerability in Fortinet FortiOS 6.2.1, 6.2.0, 6.0.8 and below for device not enable hardware TRNG token and models not support builtin TRNG seed allows attacker to theoretically recover the long term ECDSA secret in a TLS client with a RSA handshake and mutual ECDSA authentication via the help of flush+reload side channel attacks in FortiGate VM models only. |