Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
fortinet fortisiem vulnerabilities and exploits
(subscribe to this query)
668
VMScore
CVE-2020-9292
An unquoted service path vulnerability in the FortiSIEM Windows Agent component may allow an malicious user to gain elevated privileges via the AoWinAgt executable service path.
Fortinet Fortisiem Windows Agent
668
VMScore
CVE-2019-16153
A hard-coded password vulnerability in the Fortinet FortiSIEM database component version 5.2.5 and below may allow malicious users to access the device database via the use of static credentials.
Fortinet Fortisiem
605
VMScore
CVE-2019-17653
A Cross-Site Request Forgery (CSRF) vulnerability in the user interface of Fortinet FortiSIEM 5.2.5 could allow a remote, unauthenticated malicious user to perform arbitrary actions using an authenticated user's session by persuading the victim to follow a malicious link.
Fortinet Fortisiem 5.2.5
409
VMScore
CVE-2021-41022
A improper privilege management in Fortinet FortiSIEM Windows Agent version 4.1.4 and below allows malicious user to execute privileged code or commands via powershell scripts
Fortinet Fortisiem
356
VMScore
CVE-2019-6700
An information exposure vulnerability in the external authentication profile form of FortiSIEM 5.2.2 and previous versions may allow an authenticated malicious user to retrieve the external authentication password via the HTML source code.
Fortinet Fortisiem
356
VMScore
CVE-2018-13378
An information disclosure vulnerability in Fortinet FortiSIEM 5.2.0 and below versions exposes the LDAP server plaintext password via the HTML source code.
Fortinet Fortisiem
312
VMScore
CVE-2019-17651
An Improper Neutralization of Input vulnerability in the description and title parameters of a Device Maintenance Schedule in FortiSIEM version 5.2.5 and below may allow a remote authenticated malicious user to perform a Stored Cross Site Scripting attack (XSS) by injecting malic...
Fortinet Fortisiem
187
VMScore
CVE-2021-41023
A unprotected storage of credentials in Fortinet FortiSIEM Windows Agent version 4.1.4 and below allows an authenticated user to disclosure agent password due to plaintext credential storage in log files
Fortinet Fortisiem
NA
CVE-2024-23108
An improper neutralization of special elements used in an os command ('os command injection') in Fortinet FortiSIEM version 7.1.0 up to and including 7.1.1 and 7.0.0 up to and including 7.0.2 and 6.7.0 up to and including 6.7.8 and 6.6.0 up to and including 6.6.3 and 6....
Fortinet Fortisiem
Fortinet Fortisiem 7.1.1
Fortinet Fortisiem 7.1.0
2 Articles
NA
CVE-2024-23109
An improper neutralization of special elements used in an os command ('os command injection') in Fortinet FortiSIEM version 7.1.0 up to and including 7.1.1 and 7.0.0 up to and including 7.0.2 and 6.7.0 up to and including 6.7.8 and 6.6.0 up to and including 6.6.3 and 6....
Fortinet Fortisiem
Fortinet Fortisiem 7.1.1
Fortinet Fortisiem 7.1.0
2 Articles
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
SSTI
CVE-2024-35863
CVE-2024-35910
man-in-the-middle
CVE-2024-35912
CVE-2024-25742
LFI
CVE-2024-32002
CVE-2024-22120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »