Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
fortinet fortisiem vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2019-16153
A hard-coded password vulnerability in the Fortinet FortiSIEM database component version 5.2.5 and below may allow malicious users to access the device database via the use of static credentials.
Fortinet Fortisiem
3.5
CVSSv2
CVE-2019-17651
An Improper Neutralization of Input vulnerability in the description and title parameters of a Device Maintenance Schedule in FortiSIEM version 5.2.5 and below may allow a remote authenticated malicious user to perform a Stored Cross Site Scripting attack (XSS) by injecting malic...
Fortinet Fortisiem
4
CVSSv2
CVE-2019-6700
An information exposure vulnerability in the external authentication profile form of FortiSIEM 5.2.2 and previous versions may allow an authenticated malicious user to retrieve the external authentication password via the HTML source code.
Fortinet Fortisiem
2.1
CVSSv2
CVE-2021-41023
A unprotected storage of credentials in Fortinet FortiSIEM Windows Agent version 4.1.4 and below allows an authenticated user to disclosure agent password due to plaintext credential storage in log files
Fortinet Fortisiem
4
CVSSv2
CVE-2018-13378
An information disclosure vulnerability in Fortinet FortiSIEM 5.2.0 and below versions exposes the LDAP server plaintext password via the HTML source code.
Fortinet Fortisiem
NA
CVE-2023-36551
A exposure of sensitive information to an unauthorized actor in Fortinet FortiSIEM version 6.7.0 up to and including 6.7.5 allows malicious user to information disclosure via a crafted http request.
Fortinet Fortisiem
4.6
CVSSv2
CVE-2021-41022
A improper privilege management in Fortinet FortiSIEM Windows Agent version 4.1.4 and below allows malicious user to execute privileged code or commands via powershell scripts
Fortinet Fortisiem
6.8
CVSSv2
CVE-2019-17653
A Cross-Site Request Forgery (CSRF) vulnerability in the user interface of Fortinet FortiSIEM 5.2.5 could allow a remote, unauthenticated malicious user to perform arbitrary actions using an authenticated user's session by persuading the victim to follow a malicious link.
Fortinet Fortisiem 5.2.5
7.5
CVSSv2
CVE-2020-9292
An unquoted service path vulnerability in the FortiSIEM Windows Agent component may allow an malicious user to gain elevated privileges via the AoWinAgt executable service path.
Fortinet Fortisiem Windows Agent
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4367
CVE-2024-35977
CVE-2023-49335
man-in-the-middle
CVE-2024-4947
CVE-2024-31714
memory leak
SQL
CVE-2024-35994
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2