Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
fortimail vulnerabilities and exploits
(subscribe to this query)
8.8
CVSSv3
CVE-2022-27488
A cross-site request forgery (CSRF) in Fortinet FortiVoiceEnterprise version 6.4.x, 6.0.x, FortiSwitch version 7.0.0 up to and including 7.0.4, 6.4.0 up to and including 6.4.10, 6.2.0 up to and including 6.2.7, 6.0.x, FortiMail version 7.0.0 up to and including 7.0.3, 6.4.0 up to...
Fortinet Fortiswitch
Fortinet Fortimail
Fortinet Fortirecorder
Fortinet Fortiai 1.5.3
Fortinet Fortiai 1.1.0
Fortinet Fortindr 7.1.0
Fortinet Fortindr
Fortinet Fortivoice
7.3
CVSSv3
CVE-2023-45582
An improper restriction of excessive authentication attempts vulnerability [CWE-307] in FortiMail webmail version 7.2.0 up to and including 7.2.4, 7.0.0 up to and including 7.0.6 and prior to 6.4.8 may allow an unauthenticated malicious user to perform a brute force attack on the...
Fortinet Fortimail
Fortinet Fortimail 7.4.0
5.4
CVSSv3
CVE-2023-36633
An improper authorization vulnerability [CWE-285] in FortiMail webmail version 7.2.0 up to and including 7.2.2 and prior to 7.0.5 allows an authenticated malicious user to see and modify the title of address book folders of other users via crafted HTTP or HTTPs requests.
Fortinet Fortimail
8.8
CVSSv3
CVE-2023-36556
An incorrect authorization vulnerability [CWE-863] in FortiMail webmail version 7.2.0 up to and including 7.2.2, version 7.0.0 up to and including 7.0.5 and below 6.4.7 allows an authenticated malicious user to login on other users accounts from the same web domain via crafted HT...
Fortinet Fortimail
Fortinet Fortimail 7.2.0
Fortinet Fortimail 7.2.1
Fortinet Fortimail 7.2.2
5.4
CVSSv3
CVE-2023-36637
An improper neutralization of input during web page generation vulnerability [CWE-79] in FortiMail version 7.2.0 up to and including 7.2.2 and prior to 7.0.5 allows an authenticated malicious user to inject HTML tags in FortiMail's calendar via input fields.
Fortinet Fortimail 7.2.0
Fortinet Fortimail 7.2.1
Fortinet Fortimail 7.2.2
Fortinet Fortimail
5.3
CVSSv3
CVE-2022-29056
A improper restriction of excessive authentication attempts vulnerability [CWE-307] in Fortinet FortiMail version 6.4.0, version 6.2.0 up to and including 6.2.4 and prior to 6.0.9 allows a remote unauthenticated malicious user to partially exhaust CPU and memory via sending numer...
Fortinet Fortimail 6.4.0
Fortinet Fortimail
8.6
CVSSv3
CVE-2022-26122
An insufficient verification of data authenticity vulnerability [CWE-345] in FortiClient, FortiMail and FortiOS AV engines version 6.2.168 and below and version 6.4.274 and below may allow an malicious user to bypass the AV engine via manipulating MIME attachment with junk and pa...
Fortinet Fortimail 4.1.0
Fortinet Fortimail
Fortinet Fortios
Fortinet Fortios 7.2.0
Fortinet Antivirus Engine 6.33
Fortinet Antivirus Engine 6.253
Fortinet Antivirus Engine 6.252
Fortinet Antivirus Engine 6.243
Fortinet Antivirus Engine 6.157
Fortinet Antivirus Engine 6.156
Fortinet Antivirus Engine 6.145
Fortinet Antivirus Engine 6.144
Fortinet Antivirus Engine 6.142
Fortinet Antivirus Engine 6.137
Fortinet Antivirus Engine 4.4.54
Fortinet Antivirus Engine 2.0.60
Fortinet Antivirus Engine 2.0.49
Fortinet Antivirus Engine 0.4.23
6.5
CVSSv3
CVE-2022-39945
An improper access control vulnerability [CWE-284] in FortiMail 7.2.0, 7.0.0 up to and including 7.0.3, 6.4 all versions, 6.2 all versions, 6.0 all versions may allow an authenticated admin user assigned to a specific domain to access and modify other domains information via inse...
Fortinet Fortimail
Fortinet Fortimail 7.2.0
6.1
CVSSv3
CVE-2022-26114
An improper neutralization of input during web page generation vulnerability [CWE-79] in the Webmail of FortiMail prior to 7.2.0 may allow an unauthenticated malicious user to trigger a cross-site scripting (XSS) attack via sending specially crafted mail messages.
Fortinet Fortimail
7.8
CVSSv3
CVE-2022-22299
A format string vulnerability [CWE-134] in the command line interpreter of FortiADC version 6.0.0 up to and including 6.0.4, FortiADC version 6.1.0 up to and including 6.1.5, FortiADC version 6.2.0 up to and including 6.2.1, FortiProxy version 1.0.0 up to and including 1.0.7, For...
Fortinet Fortiproxy
Fortinet Fortios
Fortinet Fortiadc 6.2.0
Fortinet Fortiadc 6.2.1
Fortinet Fortimail
Fortinet Fortiproxy 7.0.0
Fortinet Fortiproxy 7.0.1
Fortinet Fortiadc
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-3400
deserialization
CVE-2024-21788
CVE-2023-42433
CVE-2024-21841
CVE-2024-22095
local file inclusion
memory leak
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
NEXT »