Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
fortinet fortinac vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-26206
An improper neutralization of input during web page generation ('cross-site scripting') in Fortinet FortiNAC 9.4.0 - 9.4.2, 9.2.0 - 9.2.8, 9.1.0 - 9.1.10 and 7.2.0 allows an malicious user to execute unauthorized code or commands via the name fields observed in the poli...
Fortinet Fortinac
Fortinet Fortinac 7.2.0
NA
CVE-2023-33299
A deserialization of untrusted data in Fortinet FortiNAC below 7.2.1, below 9.4.3, below 9.2.8 and all earlier versions of 8.x allows malicious user to execute unauthorized code or commands via specifically crafted request on inter-server communication port. Note FortiNAC version...
Fortinet Fortinac
Fortinet Fortinac 8.3.7
Fortinet Fortinac 9.4.0
Fortinet Fortinac 9.4.1
Fortinet Fortinac 9.4.2
Fortinet Fortinac 7.2.0
Fortinet Fortinac 7.2.1
NA
CVE-2023-22633
An improper permissions, privileges, and access controls vulnerability [CWE-264] in FortiNAC-F 7.2.0, FortiNAC 9.4.1 and below, 9.2.6 and below, 9.1.8 and below, 8.8.0 all versions 8.7.0 all versions may allow an unauthenticated malicious user to perform a DoS attack on the devic...
Fortinet Fortinac
Fortinet Fortinac 9.4.0
Fortinet Fortinac 9.4.1
Fortinet Fortinac-f 7.2.0
NA
CVE-2022-39946
An access control vulnerability [CWE-284] in FortiNAC version 9.4.2 and below, version 9.2.7 and below, 9.1 all versions, 8.8 all versions, 8.7 all versions, 8.6 all versions, 8.5 all versions may allow a remote attacker authenticated on the administrative interface to perform un...
Fortinet Fortinac
Fortinet Fortinac 9.4.0
Fortinet Fortinac 9.4.1
Fortinet Fortinac 9.4.2
NA
CVE-2022-45858
A use of a weak cryptographic algorithm vulnerability [CWE-327] in FortiNAC 9.4.1 and below, 9.2.6 and below, 9.1.0 all versions, 8.8.0 all versions, 8.7.0 all versions may increase the chances of an malicious user to have access to sensitive information or to perform man-in-the-...
Fortinet Fortinac
NA
CVE-2022-45859
An insufficiently protected credentials vulnerability [CWE-522] in FortiNAC-F 7.2.0, FortiNAC 9.4.1 and below, 9.2.6 and below, 9.1.8 and below, 8.8.0 all versions, 8.7.0 all versions may allow a local attacker with system access to retrieve users' passwords.
Fortinet Fortinac
Fortinet Fortinac-f 7.2.0
NA
CVE-2022-45860
A weak authentication vulnerability [CWE-1390] in FortiNAC-F version 7.2.0, FortiNAC version 9.4.2 and below, 9.2 all versions, 9.1 all versions, 8.8 all versions, 8.7 all versions in device registration page may allow an unauthenticated malicious user to perform password sprayin...
Fortinet Fortinac
Fortinet Fortinac-f 7.2.0
NA
CVE-2023-22637
An improper neutralization of input during web page generation ('Cross-site Scripting') vulnerability [CWE-79] in FortiNAC-F version 7.2.0, FortiNAC version 9.4.2 and below, 9.2 all versions, 9.1 all versions, 8.8 all versions, 8.7 all versions in License Management wou...
Fortinet Fortinac-f 7.2.0
Fortinet Fortinac
NA
CVE-2022-43950
A URL redirection to untrusted site ('Open Redirect') vulnerability [CWE-601] in FortiNAC-F version 7.2.0, FortiNAC version 9.4.1 and below, 9.2 all versions, 9.1 all versions, 8.8 all versions, 8.7 all versions may allow an unauthenticated malicious user to redirect us...
Fortinet Fortinac
Fortinet Fortinac-f 7.2.0
NA
CVE-2023-26203
A use of hard-coded credentials vulnerability [CWE-798] in FortiNAC-F version 7.2.0, FortiNAC version 9.4.2 and below, 9.2 all versions, 9.1 all versions, 8.8 all versions, 8.7 all versions may allow an authenticated malicious user to access to the database via shell commands.
Fortinet Fortinac
Fortinet Fortinac-f 7.2.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-48700
CVE-2022-48689
CVE-2024-27956
CVE-2023-6363
SQL
NULL pointer dereference
CVE-2023-41830
CVE-2015-2051
arbitrary
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »