Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
fortinet fortimanager vulnerabilities and exploits
(subscribe to this query)
2.7
CVSSv3
CVE-2022-38377
An improper access control vulnerability [CWE-284] in FortiManager 7.2.0, 7.0.0 up to and including 7.0.3, 6.4.0 up to and including 6.4.7, 6.2.0 up to and including 6.2.9, 6.0.0 up to and including 6.0.11 and FortiAnalyzer 7.2.0, 7.0.0 up to and including 7.0.3, 6.4.0 up to and ...
Fortinet Fortimanager
Fortinet Fortianalyzer
Fortinet Fortimanager 7.2.0
Fortinet Fortianalyzer 7.2.0
5.4
CVSSv3
CVE-2022-39950
An improper neutralization of input during web page generation vulnerability [CWE-79] exists in FortiManager and FortiAnalyzer 6.0.0 all versions, 6.2.0 all versions, 6.4.0 up to and including 6.4.8, and 7.0.0 up to and including 7.0.4. Report templates may allow a low privilege ...
Fortinet Fortianalyzer
Fortinet Fortimanager
5.3
CVSSv3
CVE-2022-26121
An exposure of resource to wrong sphere vulnerability [CWE-668] in FortiAnalyzer and FortiManager GUI 7.0.0 up to and including 7.0.3, 6.4.0 up to and including 6.4.8, 6.2.0 up to and including 6.2.9, 6.0.0 up to and including 6.0.11, 5.6.0 up to and including 5.6.11 may allow an...
Fortinet Fortimanager
Fortinet Fortianalyzer
7.2
CVSSv3
CVE-2022-27483
A improper neutralization of special elements used in an os command ('os command injection') in Fortinet FortiManager version 7.0.0 up to and including 7.0.3, 6.4.0 up to and including 6.4.7, 6.2.x and 6.0.x and FortiAnalyzer version 7.0.0 up to and including 7.0.3, ver...
Fortinet Fortimanager
Fortinet Fortianalyzer
6.7
CVSSv3
CVE-2022-26118
A privilege chaining vulnerability [CWE-268] in FortiManager and FortiAnalyzer 6.0.x, 6.2.x, 6.4.0 up to and including 6.4.7, 7.0.0 up to and including 7.0.3 may allow a local and authenticated attacker with a restricted shell to escalate their privileges to root due to incorrect...
Fortinet Fortimanager
Fortinet Fortianalyzer
7.8
CVSSv3
CVE-2021-26104
Multiple OS command injection (CWE-78) vulnerabilities in the command line interface of FortiManager 6.2.7 and below, 6.4.5 and below and all versions of 6.2.x, 6.0.x and 5.6.x, FortiAnalyzer 6.2.7 and below, 6.4.5 and below and all versions of 6.2.x, 6.0.x and 5.6.x, and FortiPo...
Fortinet Fortimanager
Fortinet Fortianalyzer
Fortinet Fortiportal
5.5
CVSSv3
CVE-2022-22303
An exposure of sensitive system information to an unauthorized control sphere vulnerability [CWE-497] in FortiManager versions before 7.0.2, 6.4.7 and 6.2.9 may allow a low privileged authenticated user to gain access to the FortiGate users credentials via the config conflict fil...
Fortinet Fortimanager
8.8
CVSSv3
CVE-2022-22300
A improper handling of insufficient permissions or privileges in Fortinet FortiAnalyzer version 5.6.0 up to and including 5.6.11, FortiAnalyzer version 6.0.0 up to and including 6.0.11, FortiAnalyzer version 6.2.0 up to and including 6.2.9, FortiAnalyzer version 6.4.0 up to and i...
Fortinet Fortimanager
Fortinet Fortianalyzer
6.7
CVSSv3
CVE-2021-42757
A buffer overflow [CWE-121] in the TFTP client library of FortiOS prior to 6.4.7 and FortiOS 7.0.0 up to and including 7.0.2, may allow an authenticated local malicious user to achieve arbitrary code execution via specially crafted command line arguments.
Fortinet Fortiweb 6.4.0
Fortinet Fortios
Fortinet Fortiweb 6.4.1
Fortinet Fortiproxy 7.0.0
Fortinet Fortimanager
Fortinet Fortianalyzer
Fortinet Fortiproxy 7.0.1
Fortinet Fortimail
Fortinet Fortios-6k7k 6.4.6
Fortinet Fortios-6k7k 6.4.2
Fortinet Fortiweb
Fortinet Fortiproxy
Fortinet Fortindr
Fortinet Fortiswitch
Fortinet Fortirecorder Firmware
Fortinet Fortios-6k7k
Fortinet Fortiadc
Fortinet Fortiportal
Fortinet Fortivoice
3.8
CVSSv3
CVE-2021-36192
An exposure of sensitive information to an unauthorized actor [CWE-200] vulnerability in FortiManager 7.0.1 and below, 6.4.6 and below, 6.2.x, 6.0.x, 5.6.0 may allow a FortiGate user to see scripts from other ADOMS.
Fortinet Fortimanager
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7073
CVE-2024-5496
CVE-2024-5495
XPath injection
bypass
CVE-2024-30043
CVE-2024-24919
denial of service
CVE-2024-35468
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »