Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
fortinet fortimanager vulnerabilities and exploits
(subscribe to this query)
187
VMScore
CVE-2021-36192
An exposure of sensitive information to an unauthorized actor [CWE-200] vulnerability in FortiManager 7.0.1 and below, 6.4.6 and below, 6.2.x, 6.0.x, 5.6.0 may allow a FortiGate user to see scripts from other ADOMS.
Fortinet Fortimanager
828
VMScore
CVE-2021-24016
An improper neutralization of formula elements in a csv file in Fortinet FortiManager version 6.4.3 and below, 6.2.7 and below allows malicious user to execute arbitrary commands via crafted IPv4 field in policy name, when exported as excel file and opened unsafely on the victim ...
Fortinet Fortimanager
356
VMScore
CVE-2018-1353
An information disclosure vulnerability in Fortinet FortiManager 6.0.1 and below versions allows a standard user with adom assignment read the interface settings of vdoms unrelated to the assigned adom.
Fortinet Fortimanager
188
VMScore
CVE-2022-22303
An exposure of sensitive system information to an unauthorized control sphere vulnerability [CWE-497] in FortiManager versions before 7.0.2, 6.4.7 and 6.2.9 may allow a low privileged authenticated user to gain access to the FortiGate users credentials via the config conflict fil...
Fortinet Fortimanager
312
VMScore
CVE-2015-3612
A Cross-site Scripting (XSS) vulnerability exists in FortiManager 5.2.1 and previous versions and 5.0.10 and previous versions via an unspecified parameter in the FortiWeb auto update service page.
Fortinet Fortimanager
668
VMScore
CVE-2015-3613
A vulnerability exists in in FortiManager 5.2.1 and previous versions and 5.0.10 and previous versions in the WebUI FTP backup page
Fortinet Fortimanager
801
VMScore
CVE-2015-3611
A Command Injection vulnerability exists in FortiManager 5.2.1 and previous versions and FortiManager 5.0.10 and previous versions via unspecified vectors, which could let a malicious user run systems commands when executing a report.
Fortinet Fortimanager
578
VMScore
CVE-2021-24006
An improper access control vulnerability in FortiManager versions 6.4.0 to 6.4.3 may allow an authenticated attacker with a restricted user profile to access the SD-WAN Orchestrator panel via directly visiting its URL.
Fortinet Fortimanager
356
VMScore
CVE-2021-24017
An improper authentication in Fortinet FortiManager version 6.4.3 and below, 6.2.6 and below allows malicious user to assign arbitrary Policy and Object modules via crafted requests to the request handler.
Fortinet Fortimanager
435
VMScore
CVE-2015-8038
Multiple cross-site scripting (XSS) vulnerabilities in the Graphical User Interface (GUI) in Fortinet FortiManager prior to 5.2.4 allow remote malicious users to inject arbitrary web script or HTML via the (1) sharedjobmanager or (2) SOMServiceObjDialog.
Fortinet Fortimanager Firmware
1 EDB exploit
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7073
CVE-2024-5496
CVE-2024-5495
XPath injection
bypass
CVE-2024-30043
CVE-2024-24919
denial of service
CVE-2024-35468
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »