Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
fortinet fortimanager vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-42788
An improper neutralization of special elements used in an os command ('OS Command Injection') vulnerability [CWE-78] in FortiManager & FortiAnalyzer version 7.4.0, version 7.2.0 up to and including 7.2.3, version 7.0.0 up to and including 7.0.8, version 6.4.0 up to ...
Fortinet Fortimanager
Fortinet Fortianalyzer 7.4.0
Fortinet Fortianalyzer
Fortinet Fortimanager 7.4.0
NA
CVE-2022-38377
An improper access control vulnerability [CWE-284] in FortiManager 7.2.0, 7.0.0 up to and including 7.0.3, 6.4.0 up to and including 6.4.7, 6.2.0 up to and including 6.2.9, 6.0.0 up to and including 6.0.11 and FortiAnalyzer 7.2.0, 7.0.0 up to and including 7.0.3, 6.4.0 up to and ...
Fortinet Fortimanager
Fortinet Fortianalyzer
Fortinet Fortimanager 7.2.0
Fortinet Fortianalyzer 7.2.0
NA
CVE-2023-41838
An improper neutralization of special elements used in an os command ('os command injection') in FortiManager 7.4.0 and 7.2.0 up to and including 7.2.3 may allow malicious user to execute unauthorized code or commands via FortiManager cli.
Fortinet Fortimanager
Fortinet Fortianalyzer 7.4.0
Fortinet Fortianalyzer
Fortinet Fortimanager 7.4.0
4
CVSSv2
CVE-2021-26107
An improper access control vulnerability [CWE-284] in FortiManager versions 6.4.4 and 6.4.5 may allow an authenticated attacker with a restricted user profile to modify the VPN tunnel status of other VDOMs using VPN Manager.
Fortinet Fortimanager 6.4.4
Fortinet Fortimanager 6.4.5
5.8
CVSSv2
CVE-2017-3126
An Open Redirect vulnerability in Fortinet FortiAnalyzer 5.4.0 up to and including 5.4.2 and FortiManager 5.4.0 up to and including 5.4.2 allows malicious user to execute unauthorized code or commands via the next parameter.
Fortinet Fortianalyzer Firmware 5.4.1
Fortinet Fortianalyzer Firmware 5.4.2
Fortinet Fortianalyzer Firmware 5.4.0
Fortinet Fortimanager Firmware 5.4.1
Fortinet Fortimanager Firmware 5.4.2
Fortinet Fortimanager Firmware 5.4.0
4.3
CVSSv2
CVE-2017-17541
A Cross-site Scripting (XSS) vulnerability in Fortinet FortiManager 6.0.0, 5.6.4 and below versions, FortiAnalyzer 6.0.0, 5.6.4 and below versions allows inject Javascript code and HTML tags through the CN value of CA and CRL certificates via the import CA and CRL certificates fe...
Fortinet Fortimanager Firmware 6.0.0
Fortinet Fortianalyzer Firmware
Fortinet Fortimanager Firmware
Fortinet Fortianalyzer Firmware 6.0.0
NA
CVE-2022-22305
An improper certificate validation vulnerability [CWE-295] in FortiManager 7.0.1 and below, 6.4.6 and below; FortiAnalyzer 7.0.2 and below, 6.4.7 and below; FortiOS 6.2.x and 6.0.x; FortiSandbox 4.0.x, 3.2.x and 3.1.x may allow a network adjacent and unauthenticated malicious use...
Fortinet Fortisandbox 4.0.0
Fortinet Fortianalyzer
Fortinet Fortisandbox
Fortinet Fortisandbox 4.0.1
Fortinet Fortisandbox 4.0.2
Fortinet Fortios
Fortinet Fortisandbox 3.0.1
Fortinet Fortianalyzer 7.0.0
Fortinet Fortianalyzer 7.0.1
Fortinet Fortianalyzer 7.0.2
Fortinet Fortimanager 7.0.0
Fortinet Fortimanager 7.0.1
Fortinet Fortimanager
4
CVSSv2
CVE-2018-1354
An improper access control vulnerability in Fortinet FortiManager 6.0.0, 5.6.5 and below versions, FortiAnalyzer 6.0.0, 5.6.5 and below versions allows a regular user edit the avatar picture of other users with arbitrary content.
Fortinet Fortianalyzer
Fortinet Fortimanager
5
CVSSv2
CVE-2020-9289
Use of a hard-coded cryptographic key to encrypt password data in CLI configuration in FortiManager 6.2.3 and below, FortiAnalyzer 6.2.3 and below may allow an attacker with access to the CLI configuration or the CLI backup file to decrypt the sensitive data, via knowledge of the...
Fortinet Fortimanager
Fortinet Fortianalyzer
1 Github repository
NA
CVE-2023-22642
An improper certificate validation vulnerability [CWE-295] in FortiAnalyzer and FortiManager 7.2.0 up to and including 7.2.1, 7.0.0 up to and including 7.0.5, 6.4.8 up to and including 6.4.10 may allow a remote and unauthenticated malicious user to perform a Man-in-the-Middle att...
Fortinet Fortianalyzer
Fortinet Fortimanager
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-21987
buffer overflow
CVE-2024-28890
CVE-2024-27574
CVE-2024-27347
CVE-2024-31450
privilege
SSTI
CVE-2024-31666
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »