Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
fortinet fortimail 7.0.0 vulnerabilities and exploits
(subscribe to this query)
668
VMScore
CVE-2021-36166
An improper authentication vulnerability in FortiMail prior to 7.0.1 may allow a remote malicious user to efficiently guess one administrative account's authentication token by means of the observation of certain system's properties.
Fortinet Fortimail
Fortinet Fortimail 7.0.0
668
VMScore
CVE-2021-32586
An improper input validation vulnerability in the web server CGI facilities of FortiMail prior to 7.0.1 may allow an unauthenticated malicious user to alter the environment of the underlying script interpreter via specifically crafted HTTP requests.
Fortinet Fortimail
Fortinet Fortimail 7.0.0
231
VMScore
CVE-2021-32591
A missing cryptographic steps vulnerability in the function that encrypts users' LDAP and RADIUS credentials in FortiSandbox prior to 4.0.1, FortiWeb prior to 6.3.12, FortiADC prior to 6.2.1, FortiMail 7.0.1 and previous versions may allow an attacker in possession of the pa...
Fortinet Fortimail
Fortinet Fortisandbox
Fortinet Fortiadc
Fortinet Fortiweb 5.9.0
Fortinet Fortiweb 5.9.1
Fortinet Fortiweb
Fortinet Fortimail 7.0.1
Fortinet Fortiadc 6.2.0
Fortinet Fortisandbox 4.0.0
Fortinet Fortiadc 6.2.1
Fortinet Fortimail 7.0.0
NA
CVE-2023-36556
An incorrect authorization vulnerability [CWE-863] in FortiMail webmail version 7.2.0 up to and including 7.2.2, version 7.0.0 up to and including 7.0.5 and below 6.4.7 allows an authenticated malicious user to login on other users accounts from the same web domain via crafted HT...
Fortinet Fortimail
Fortinet Fortimail 7.2.0
Fortinet Fortimail 7.2.1
Fortinet Fortimail 7.2.2
NA
CVE-2023-45582
An improper restriction of excessive authentication attempts vulnerability [CWE-307] in FortiMail webmail version 7.2.0 up to and including 7.2.4, 7.0.0 up to and including 7.0.6 and prior to 6.4.8 may allow an unauthenticated malicious user to perform a brute force attack on the...
Fortinet Fortimail
Fortinet Fortimail 7.4.0
NA
CVE-2022-39945
An improper access control vulnerability [CWE-284] in FortiMail 7.2.0, 7.0.0 up to and including 7.0.3, 6.4 all versions, 6.2 all versions, 6.0 all versions may allow an authenticated admin user assigned to a specific domain to access and modify other domains information via inse...
Fortinet Fortimail
Fortinet Fortimail 7.2.0
NA
CVE-2022-22299
A format string vulnerability [CWE-134] in the command line interpreter of FortiADC version 6.0.0 up to and including 6.0.4, FortiADC version 6.1.0 up to and including 6.1.5, FortiADC version 6.2.0 up to and including 6.2.1, FortiProxy version 1.0.0 up to and including 1.0.7, For...
Fortinet Fortiproxy
Fortinet Fortios
Fortinet Fortiadc 6.2.0
Fortinet Fortiadc 6.2.1
Fortinet Fortimail
Fortinet Fortiproxy 7.0.0
Fortinet Fortiproxy 7.0.1
Fortinet Fortiadc
356
VMScore
CVE-2021-26099
Missing cryptographic steps in the Identity-Based Encryption service of FortiMail prior to 7.0.0 may allow an attacker who comes in possession of the encrypted master keys to compromise their confidentiality by observing a few invariant properties of the ciphertext.
Fortinet Fortimail
445
VMScore
CVE-2021-26100
A missing cryptographic step in the Identity-Based Encryption service of FortiMail prior to 7.0.0 may allow an unauthenticated attacker who intercepts the encrypted messages to manipulate them in such a way that makes the tampering and the recovery of the plaintexts possible.
Fortinet Fortimail
383
VMScore
CVE-2021-43062
A improper neutralization of input during web page generation ('cross-site scripting') in Fortinet FortiMail version 7.0.1 and 7.0.0, version 6.4.5 and below, version 6.3.7 and below, version 6.0.11 and below allows malicious user to execute unauthorized code or command...
Fortinet Fortimail
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
camera
bypass
CVE-2024-3592
CVE-2024-37383
CVE-2024-24919
CVE-2024-27822
CVE-2024-36788
CVE-2024-36789
man-in-the-middle
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »