Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
fortinet fortinac vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2022-45859
An insufficiently protected credentials vulnerability [CWE-522] in FortiNAC-F 7.2.0, FortiNAC 9.4.1 and below, 9.2.6 and below, 9.1.8 and below, 8.8.0 all versions, 8.7.0 all versions may allow a local attacker with system access to retrieve users' passwords.
Fortinet Fortinac
Fortinet Fortinac-f 7.2.0
NA
CVE-2022-45860
A weak authentication vulnerability [CWE-1390] in FortiNAC-F version 7.2.0, FortiNAC version 9.4.2 and below, 9.2 all versions, 9.1 all versions, 8.8 all versions, 8.7 all versions in device registration page may allow an unauthenticated malicious user to perform password sprayin...
Fortinet Fortinac
Fortinet Fortinac-f 7.2.0
NA
CVE-2023-26203
A use of hard-coded credentials vulnerability [CWE-798] in FortiNAC-F version 7.2.0, FortiNAC version 9.4.2 and below, 9.2 all versions, 9.1 all versions, 8.8 all versions, 8.7 all versions may allow an authenticated malicious user to access to the database via shell commands.
Fortinet Fortinac
Fortinet Fortinac-f 7.2.0
NA
CVE-2023-22637
An improper neutralization of input during web page generation ('Cross-site Scripting') vulnerability [CWE-79] in FortiNAC-F version 7.2.0, FortiNAC version 9.4.2 and below, 9.2 all versions, 9.1 all versions, 8.8 all versions, 8.7 all versions in License Management wou...
Fortinet Fortinac-f 7.2.0
Fortinet Fortinac
NA
CVE-2022-45858
A use of a weak cryptographic algorithm vulnerability [CWE-327] in FortiNAC 9.4.1 and below, 9.2.6 and below, 9.1.0 all versions, 8.8.0 all versions, 8.7.0 all versions may increase the chances of an malicious user to have access to sensitive information or to perform man-in-the-...
Fortinet Fortinac
9
CVSSv2
CVE-2021-24011
A privilege escalation vulnerability in FortiNAC version below 8.8.2 may allow an admin user to escalate the privileges to root by abusing the sudo privileges.
Fortinet Fortinac
NA
CVE-2022-39952
A external control of file name or path in Fortinet FortiNAC versions 9.4.0, 9.2.0 up to and including 9.2.5, 9.1.0 up to and including 9.1.7, 8.8.0 up to and including 8.8.11, 8.7.0 up to and including 8.7.6, 8.6.0 up to and including 8.6.5, 8.5.0 up to and including 8.5.4, 8.3....
Fortinet Fortinac
4 Github repositories
4.3
CVSSv2
CVE-2020-12816
An improper neutralization of input vulnerability in FortiNAC prior to 8.7.2 may allow a remote authenticated malicious user to perform a stored cross site scripting attack (XSS) via the UserID of Admin Users.
Fortinet Fortinac
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-20065
open redirect
CVE-2024-1086
path traversal
CVE-2024-29825
XXE
CVE-2024-29822
CVE-2024-20696
CVE-2024-3564
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3