Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
fortinet fortimanager vulnerabilities and exploits
(subscribe to this query)
4
CVSSv2
CVE-2021-24017
An improper authentication in Fortinet FortiManager version 6.4.3 and below, 6.2.6 and below allows malicious user to assign arbitrary Policy and Object modules via crafted requests to the request handler.
Fortinet Fortimanager
4
CVSSv2
CVE-2018-1353
An information disclosure vulnerability in Fortinet FortiManager 6.0.1 and below versions allows a standard user with adom assignment read the interface settings of vdoms unrelated to the assigned adom.
Fortinet Fortimanager
2.1
CVSSv2
CVE-2022-22303
An exposure of sensitive system information to an unauthorized control sphere vulnerability [CWE-497] in FortiManager versions before 7.0.2, 6.4.7 and 6.2.9 may allow a low privileged authenticated user to gain access to the FortiGate users credentials via the config conflict fil...
Fortinet Fortimanager
9.3
CVSSv2
CVE-2021-24016
An improper neutralization of formula elements in a csv file in Fortinet FortiManager version 6.4.3 and below, 6.2.7 and below allows malicious user to execute arbitrary commands via crafted IPv4 field in policy name, when exported as excel file and opened unsafely on the victim ...
Fortinet Fortimanager
3.5
CVSSv2
CVE-2015-3612
A Cross-site Scripting (XSS) vulnerability exists in FortiManager 5.2.1 and previous versions and 5.0.10 and previous versions via an unspecified parameter in the FortiWeb auto update service page.
Fortinet Fortimanager
7.5
CVSSv2
CVE-2015-3613
A vulnerability exists in in FortiManager 5.2.1 and previous versions and 5.0.10 and previous versions in the WebUI FTP backup page
Fortinet Fortimanager
2.1
CVSSv2
CVE-2021-36192
An exposure of sensitive information to an unauthorized actor [CWE-200] vulnerability in FortiManager 7.0.1 and below, 6.4.6 and below, 6.2.x, 6.0.x, 5.6.0 may allow a FortiGate user to see scripts from other ADOMS.
Fortinet Fortimanager
3.5
CVSSv2
CVE-2018-1351
A Cross-site Scripting (XSS) vulnerability in Fortinet FortiManager 6.0.0, 5.6.6 and below versions allows malicious user to execute HTML/javascript code via managed remote devices CLI commands by viewing the remote device CLI config installation log.
Fortinet Fortimanager
9
CVSSv2
CVE-2015-3611
A Command Injection vulnerability exists in FortiManager 5.2.1 and previous versions and FortiManager 5.0.10 and previous versions via unspecified vectors, which could let a malicious user run systems commands when executing a report.
Fortinet Fortimanager
4.3
CVSSv2
CVE-2015-8037
Multiple cross-site scripting (XSS) vulnerabilities in the Graphical User Interface (GUI) in Fortinet FortiManager prior to 5.2.4 allow remote malicious users to inject arbitrary web script or HTML via the (1) SOMVpnSSLPortalDialog or (2) FGDMngUpdHistory.
Fortinet Fortimanager Firmware
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27322
CVE-2006-4304
wireless
CVE-2023-23022
local file inclusion
CVE-2024-27058
CVE-2024-33820
open redirect
CVE-2024-27079
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »