Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
fortinet fortimail vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2022-39945
An improper access control vulnerability [CWE-284] in FortiMail 7.2.0, 7.0.0 up to and including 7.0.3, 6.4 all versions, 6.2 all versions, 6.0 all versions may allow an authenticated admin user assigned to a specific domain to access and modify other domains information via inse...
Fortinet Fortimail
Fortinet Fortimail 7.2.0
NA
CVE-2023-45582
An improper restriction of excessive authentication attempts vulnerability [CWE-307] in FortiMail webmail version 7.2.0 up to and including 7.2.4, 7.0.0 up to and including 7.0.6 and prior to 6.4.8 may allow an unauthenticated malicious user to perform a brute force attack on the...
Fortinet Fortimail
Fortinet Fortimail 7.4.0
578
VMScore
CVE-2019-15712
An improper access control vulnerability in FortiMail admin webUI 6.2.0, 6.0.0 to 6.0.6, 5.4.10 and below may allow administrators to access web console they should not be authorized for.
Fortinet Fortimail
Fortinet Fortimail 6.2.0
668
VMScore
CVE-2021-36166
An improper authentication vulnerability in FortiMail prior to 7.0.1 may allow a remote malicious user to efficiently guess one administrative account's authentication token by means of the observation of certain system's properties.
Fortinet Fortimail
Fortinet Fortimail 7.0.0
NA
CVE-2022-29056
A improper restriction of excessive authentication attempts vulnerability [CWE-307] in Fortinet FortiMail version 6.4.0, version 6.2.0 up to and including 6.2.4 and prior to 6.0.9 allows a remote unauthenticated malicious user to partially exhaust CPU and memory via sending numer...
Fortinet Fortimail 6.4.0
Fortinet Fortimail
231
VMScore
CVE-2021-32591
A missing cryptographic steps vulnerability in the function that encrypts users' LDAP and RADIUS credentials in FortiSandbox prior to 4.0.1, FortiWeb prior to 6.3.12, FortiADC prior to 6.2.1, FortiMail 7.0.1 and previous versions may allow an attacker in possession of the pa...
Fortinet Fortimail
Fortinet Fortisandbox
Fortinet Fortiadc
Fortinet Fortiweb 5.9.0
Fortinet Fortiweb 5.9.1
Fortinet Fortiweb
Fortinet Fortimail 7.0.1
Fortinet Fortiadc 6.2.0
Fortinet Fortisandbox 4.0.0
Fortinet Fortiadc 6.2.1
Fortinet Fortimail 7.0.0
790
VMScore
CVE-2020-9294
An improper authentication vulnerability in FortiMail 5.4.10, 6.0.7, 6.2.2 and previous versions and FortiVoiceEntreprise 6.0.0 and 6.0.1 may allow a remote unauthenticated malicious user to access the system as a legitimate user by requesting a password change via the user inter...
Fortinet Fortimail
Fortinet Fortivoice
1 Metasploit module
383
VMScore
CVE-2021-43062
A improper neutralization of input during web page generation ('cross-site scripting') in Fortinet FortiMail version 7.0.1 and 7.0.0, version 6.4.5 and below, version 6.3.7 and below, version 6.0.11 and below allows malicious user to execute unauthorized code or command...
Fortinet Fortimail
578
VMScore
CVE-2021-22129
Multiple instances of incorrect calculation of buffer size in the Webmail and Administrative interface of FortiMail prior to 6.4.5 may allow an authenticated attacker with regular webmail access to trigger a buffer overflow and to possibly execute unauthorized code or commands vi...
Fortinet Fortimail
445
VMScore
CVE-2021-26090
A missing release of memory after its effective lifetime vulnerability in the Webmail of FortiMail 6.4.0 up to and including 6.4.4 and 6.2.0 up to and including 6.2.6 may allow an unauthenticated remote malicious user to exhaust available memory via specifically crafted login req...
Fortinet Fortimail
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-23692
CVE-2012-1823
memory leak
CVE-2024-0627
CVE-2024-31402
privilege escalation
CVE-2024-36418
remote code execution
CVE-2024-27844
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
NEXT »