Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
fortinet fortiauthenticator 3.0.0 vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2015-1455
Fortinet FortiAuthenticator 3.0.0 has a password of (1) slony for the slony PostgreSQL user and (2) www-data for the www-data PostgreSQL user, which makes it easier for remote malicious users to obtain access via unspecified vectors.
Fortinet Fortiauthenticator 3.0.0
NA
CVE-2015-1456
Fortinet FortiAuthenticator 3.0.0 logs the PostgreSQL usernames and passwords in cleartext, which allows remote administrators to obtain sensitive information by reading the log at debug/startup/.
Fortinet Fortiauthenticator 3.0.0
NA
CVE-2015-1457
Fortinet FortiAuthenticator 3.0.0 allows local users to read arbitrary files via the -f flag to the dig command.
Fortinet Fortiauthenticator 3.0.0
NA
CVE-2015-1458
Fortinet FortiAuthenticator 3.0.0 allows local users to bypass intended restrictions and gain privileges by creating /tmp/privexec/dbgcore_enable_shell_access and executing the "shell" command.
Fortinet Fortiauthenticator 3.0.0
NA
CVE-2015-1459
Cross-site scripting (XSS) vulnerability in Fortinet FortiAuthenticator 3.0.0 allows remote malicious users to inject arbitrary web script or HTML via the operation parameter to cert/scep/.
Fortinet Fortiauthenticator 3.0.0
7.5
CVSSv3
CVE-2021-22124
An uncontrolled resource consumption (denial of service) vulnerability in the login modules of FortiSandbox 3.2.0 up to and including 3.2.2, 3.1.0 up to and including 3.1.4, and 3.0.0 up to and including 3.0.6; and FortiAuthenticator prior to 6.0.6 may allow an unauthenticated ma...
Fortinet Fortiauthenticator
Fortinet Fortisandbox
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-29895
blind SQL injection
CVE-2024-5064
CVE-2023-52677
CVE-2023-52682
CVE-2024-30051
CVE-2024-35849
remote attackers
remote
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started