Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
fortinet fortisiem vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2024-23108
An improper neutralization of special elements used in an os command ('os command injection') in Fortinet FortiSIEM version 7.1.0 up to and including 7.1.1 and 7.0.0 up to and including 7.0.2 and 6.7.0 up to and including 6.7.8 and 6.6.0 up to and including 6.6.3 and 6....
Fortinet Fortisiem
Fortinet Fortisiem 7.1.1
Fortinet Fortisiem 7.1.0
2 Articles
9.8
CVSSv3
CVE-2024-23109
An improper neutralization of special elements used in an os command ('os command injection') in Fortinet FortiSIEM version 7.1.0 up to and including 7.1.1 and 7.0.0 up to and including 7.0.2 and 6.7.0 up to and including 6.7.8 and 6.6.0 up to and including 6.6.3 and 6....
Fortinet Fortisiem
Fortinet Fortisiem 7.1.1
Fortinet Fortisiem 7.1.0
2 Articles
9.8
CVSSv3
CVE-2023-36553
A improper neutralization of special elements used in an os command ('os command injection') in Fortinet FortiSIEM version 5.4.0 and 5.3.0 up to and including 5.3.3 and 5.2.5 up to and including 5.2.8 and 5.2.1 up to and including 5.2.2 and 5.1.0 up to and including 5.1...
Fortinet Fortisiem 5.2.5
Fortinet Fortisiem 5.4.0
Fortinet Fortisiem 5.2.2
Fortinet Fortisiem 5.2.1
Fortinet Fortisiem
Fortinet Fortisiem 5.0.0
Fortinet Fortisiem 5.0.1
Fortinet Fortisiem 5.2.6
Fortinet Fortisiem 5.2.7
Fortinet Fortisiem 5.2.8
Fortinet Fortisiem 4.9.0
Fortinet Fortisiem 4.7.2
Fortinet Fortisiem 4.10.0
Fortinet Fortisiem 5.3.0
Fortinet Fortisiem 5.3.1
Fortinet Fortisiem 5.3.2
Fortinet Fortisiem 5.3.3
9.8
CVSSv3
CVE-2023-34992
A improper neutralization of special elements used in an os command ('os command injection') in Fortinet FortiSIEM version 7.0.0 and 6.7.0 up to and including 6.7.5 and 6.6.0 up to and including 6.6.3 and 6.5.0 up to and including 6.5.1 and 6.4.0 up to and including 6.4...
Fortinet Fortisiem 6.4.1
Fortinet Fortisiem 6.4.0
Fortinet Fortisiem 6.5.0
Fortinet Fortisiem 6.5.1
Fortinet Fortisiem 6.4.2
Fortinet Fortisiem
Fortinet Fortisiem 7.0.0
2 Articles
9.8
CVSSv3
CVE-2023-26204
A plaintext storage of a password vulnerability [CWE-256] in FortiSIEM 6.7 all versions, 6.6 all versions, 6.5 all versions, 6.4 all versions, 6.3 all versions, 6.2 all versions, 6.1 all versions, 5.4 all versions, 5.3 all versions may allow an attacker able to access user DB con...
Fortinet Fortisiem 6.4.1
Fortinet Fortisiem 6.4.0
Fortinet Fortisiem
Fortinet Fortisiem 6.2.1
Fortinet Fortisiem 6.2.0
Fortinet Fortisiem 5.4.0
Fortinet Fortisiem 6.5.0
Fortinet Fortisiem 6.5.1
Fortinet Fortisiem 6.4.2
Fortinet Fortisiem 6.1.0
Fortinet Fortisiem 6.1.1
Fortinet Fortisiem 6.1.2
9.8
CVSSv3
CVE-2020-9292
An unquoted service path vulnerability in the FortiSIEM Windows Agent component may allow an malicious user to gain elevated privileges via the AoWinAgt executable service path.
Fortinet Fortisiem Windows Agent
9.8
CVSSv3
CVE-2019-16153
A hard-coded password vulnerability in the Fortinet FortiSIEM database component version 5.2.5 and below may allow malicious users to access the device database via the use of static credentials.
Fortinet Fortisiem
8.8
CVSSv3
CVE-2022-42478
An Improper Restriction of Excessive Authentication Attempts [CWE-307] in FortiSIEM below 7.0.0 may allow a non-privileged user with access to several endpoints to brute force attack these endpoints.
Fortinet Fortisiem 5.2.5
Fortinet Fortisiem 6.4.1
Fortinet Fortisiem 6.4.0
Fortinet Fortisiem
Fortinet Fortisiem 6.2.1
Fortinet Fortisiem 6.2.0
Fortinet Fortisiem 5.4.0
Fortinet Fortisiem 5.2.2
Fortinet Fortisiem 5.2.1
Fortinet Fortisiem 6.7.0
Fortinet Fortisiem 6.6.0
Fortinet Fortisiem 6.6.1
Fortinet Fortisiem 6.6.2
Fortinet Fortisiem 6.6.3
Fortinet Fortisiem 6.5.0
Fortinet Fortisiem 6.5.1
Fortinet Fortisiem 6.4.2
Fortinet Fortisiem 5.2.6
Fortinet Fortisiem 5.2.7
Fortinet Fortisiem 5.2.8
Fortinet Fortisiem 6.1.0
Fortinet Fortisiem 6.1.1
8.8
CVSSv3
CVE-2019-17653
A Cross-Site Request Forgery (CSRF) vulnerability in the user interface of Fortinet FortiSIEM 5.2.5 could allow a remote, unauthenticated malicious user to perform arbitrary actions using an authenticated user's session by persuading the victim to follow a malicious link.
Fortinet Fortisiem 5.2.5
7.8
CVSSv3
CVE-2022-26119
A improper authentication vulnerability in Fortinet FortiSIEM prior to 6.5.0 allows a local attacker with CLI access to perform operations on the Glassfish server directly via a hardcoded password.
Fortinet Fortisiem 6.4.1
Fortinet Fortisiem 6.4.0
Fortinet Fortisiem
Fortinet Fortisiem 6.2.1
Fortinet Fortisiem 6.2.0
Fortinet Fortisiem 5.4.0
Fortinet Fortisiem 5.2.2
Fortinet Fortisiem 5.2.1
Fortinet Fortisiem 5.0.0
Fortinet Fortisiem 5.0.1
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
encryption
CVE-2024-4331
CVE-2024-26925
arbitrary code
CVE-2006-4304
CVE-2024-25458
CVE-2024-27077
reflected XSS
CVE-2024-4059
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »