Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
fortinet fortisandbox 3.2.1 vulnerabilities and exploits
(subscribe to this query)
5.5
CVSSv2
CVE-2020-29013
An improper input validation vulnerability in the sniffer interface of FortiSandbox prior to 3.2.2 may allow an authenticated malicious user to silently halt the sniffer via specifically crafted requests.
Fortinet Fortisandbox
Fortinet Fortisandbox 3.2.0
Fortinet Fortisandbox 3.2.1
NA
CVE-2022-26115
A use of password hash with insufficient computational effort vulnerability [CWE-916] in FortiSandbox prior to 4.2.0 may allow an attacker with access to the password database to efficiently mount bulk guessing attacks to recover the passwords.
Fortinet Fortisandbox 3.2.2
Fortinet Fortisandbox 4.0.0
Fortinet Fortisandbox 3.2.0
Fortinet Fortisandbox 3.2.1
Fortinet Fortisandbox 3.2.3
Fortinet Fortisandbox 4.0.1
Fortinet Fortisandbox 4.0.2
NA
CVE-2022-30305
An insufficient logging [CWE-778] vulnerability in FortiSandbox versions 4.0.0 to 4.0.2, 3.2.0 to 3.2.3 and 3.1.0 to 3.1.5 and FortiDeceptor versions 4.2.0, 4.1.0 up to and including 4.1.1, 4.0.0 up to and including 4.0.2, 3.3.0 up to and including 3.3.3, 3.2.0 up to and includin...
Fortinet Fortideceptor 3.1.0
Fortinet Fortisandbox 3.2.2
Fortinet Fortisandbox 3.2.0
Fortinet Fortisandbox 3.2.1
Fortinet Fortideceptor 3.1.1
Fortinet Fortideceptor 4.1.0
Fortinet Fortideceptor 4.1.1
Fortinet Fortideceptor 4.2.0
Fortinet Fortideceptor
Fortinet Fortisandbox
Fortinet Fortisandbox 3.2.3
4
CVSSv2
CVE-2020-15939
An improper access control vulnerability (CWE-284) in FortiSandbox versions 3.2.1 and below and 3.1.4 and below may allow an authenticated, unprivileged malicious user to download the device configuration file via the recovery URL.
Fortinet Fortisandbox
5
CVSSv2
CVE-2020-29012
An insufficient session expiration vulnerability in FortiSandbox versions 3.2.1 and below may allow an malicious user to reuse the unexpired admin user session IDs to gain information about other users configured on the device, should the attacker be able to obtain that session I...
Fortinet Fortisandbox
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27322
cross-site request forgery
unauthorized
CVE-2024-33925
reflected XSS
CVE-2023-51580
CVE-2023-51579
CVE-2015-2051
CVE-2023-51609
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started