Vulmon
fortinet fortiedr vulnerabilities and exploits
5.5
CVSSv3
CVE-2023-44248
An improper access control vulnerability [CWE-284] in FortiEDRCollectorWindows version 5.2.0.4549 and below, 5.0.3.1007 and below, 4.0 all may allow a local malicious user to prevent the collector service from starting at the next system reboot by tampering with some registry keys of ...
Fortinet Fortiedr 4.0.0
Fortinet Fortiedr
8.1
CVSSv3
CVE-2023-33303
An insufficient session expiration in Fortinet FortiEDR version 5.0.0 up to and including 5.0.1 allows a malicious user to execute unauthorized code or commands via an API request.
Fortinet Fortiedr
5.5
CVSSv3
CVE-2022-39949
An improper control of a resource through its lifetime vulnerability [CWE-664] in FortiEDR CollectorWindows 4.0.0 up to and including 4.1, 5.0.0 up to and including 5.0.3.751, 5.1.0 may allow a privileged user to terminate the FortiEDR processes with special tools and bypass the ...
Fortinet Fortiedr
5.4
CVSSv3
CVE-2022-29057
An improper neutralization of input during web page generation ('cross-site scripting') in Fortinet FortiEDR version 5.1.0, 5.0.0 up to and including 5.0.3 Patch 6 and 4.0.0 allows a remote authenticated malicious user to perform a reflected cross-site scripting attack (...
Fortinet Fortiedr 4.0.0
Fortinet Fortiedr 5.0.3
Fortinet Fortiedr
Fortinet Fortiedr 5.1.0
7.8
CVSSv3
CVE-2022-23440
A use of hard-coded cryptographic key vulnerability [CWE-321] in the registration mechanism of FortiEDR collectors versions 5.0.2, 5.0.1, 5.0.0, 4.0.0 may allow a local malicious user to disable and uninstall the collectors from the end-points within the same deployment.
Fortinet Fortiedr 5.0.2
Fortinet Fortiedr 5.0.1
Fortinet Fortiedr 5.0.0
Fortinet Fortiedr 4.0.0
9.1
CVSSv3
CVE-2022-23441
A use of hard-coded cryptographic key vulnerability [CWE-321] in FortiEDR versions 5.0.2, 5.0.1, 5.0.0, 4.0.0 may allow an unauthenticated attacker on the network to disguise as and forge messages from other collectors.
Fortinet Fortiedr 5.0.2
Fortinet Fortiedr 5.0.1
Fortinet Fortiedr 5.0.0
Fortinet Fortiedr 4.0.0
4.4
CVSSv3
CVE-2022-23446
An improper control of a resource through its lifetime in Fortinet FortiEDR version 5.0.3 and previous versions allows a malicious user to make the whole application unresponsive by changing its root directory access permission.
Fortinet Fortiedr 5.0.2
Fortinet Fortiedr 5.0.1
Fortinet Fortiedr 5.0.0
Fortinet Fortiedr 4.0.0