Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
fortiportal vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2021-36174
A memory allocation with excessive size value vulnerability in the license verification function of FortiPortal prior to 6.0.6 may allow an malicious user to perform a denial of service attack via specially crafted license blobs.
Fortinet Fortiportal
7.5
CVSSv3
CVE-2021-32596
A use of one-way hash with a predictable salt vulnerability in the password storing mechanism of FortiPortal 6.0.0 up to and including 6.04 may allow an attacker already in possession of the password store to decrypt the passwords by means of precomputed tables.
Fortinet Fortiportal
7.5
CVSSv3
CVE-2017-7338
A password management vulnerability in Fortinet FortiPortal versions 4.0.0 and below allows an malicious user to carry out information disclosure via the FortiAnalyzer Management View.
Fortinet Fortiportal
7.5
CVSSv3
CVE-2017-7731
A weak password recovery vulnerability in Fortinet FortiPortal versions 4.0.0 and below allows malicious user to carry out information disclosure via the Forgotten Password feature.
Fortinet Fortiportal
6.7
CVSSv3
CVE-2023-41842
A use of externally-controlled format string vulnerability [CWE-134] in Fortinet FortiManager version 7.4.0 up to and including 7.4.1, version 7.2.0 up to and including 7.2.3 and prior to 7.0.10, Fortinet FortiAnalyzer version 7.4.0 up to and including 7.4.1, version 7.2.0 up to ...
Fortinet Fortianalyzer
Fortinet Fortimanager
Fortinet Fortianalyzer Bigdata
Fortinet Fortianalyzer Bigdata 6.2.5
Fortinet Fortiportal
6.7
CVSSv3
CVE-2021-42757
A buffer overflow [CWE-121] in the TFTP client library of FortiOS prior to 6.4.7 and FortiOS 7.0.0 up to and including 7.0.2, may allow an authenticated local malicious user to achieve arbitrary code execution via specially crafted command line arguments.
Fortinet Fortiweb 6.4.0
Fortinet Fortios
Fortinet Fortiweb 6.4.1
Fortinet Fortiproxy 7.0.0
Fortinet Fortimanager
Fortinet Fortianalyzer
Fortinet Fortiproxy 7.0.1
Fortinet Fortimail
Fortinet Fortios-6k7k 6.4.6
Fortinet Fortios-6k7k 6.4.2
Fortinet Fortiweb
Fortinet Fortiproxy
Fortinet Fortindr
Fortinet Fortiswitch
Fortinet Fortirecorder Firmware
Fortinet Fortios-6k7k
Fortinet Fortiadc
Fortinet Fortiportal
Fortinet Fortivoice
6.5
CVSSv3
CVE-2022-27490
A exposure of sensitive information to an unauthorized actor in Fortinet FortiManager version 6.0.0 up to and including 6.0.4, FortiAnalyzer version 6.0.0 up to and including 6.0.4, FortiPortal version 6.0.0 up to and including 6.0.9, 5.3.0 up to and including 5.3.8, 5.2.x, 5.1.0...
Fortinet Fortiportal
Fortinet Fortimanager
Fortinet Fortianalyzer
Fortinet Fortiswitch
6.5
CVSSv3
CVE-2022-43954
An insertion of sensitive information into log file vulnerability [CWE-532] in the FortiPortal management interface 7.0.0 up to and including 7.0.2 may allow a remote authenticated malicious user to read other devices' passwords in the audit log page.
Fortinet Fortiportal 7.0.2
Fortinet Fortiportal 7.0.1
Fortinet Fortiportal 7.0.0
6.5
CVSSv3
CVE-2021-32595
Multiple uncontrolled resource consumption vulnerabilities in the web interface of FortiPortal prior to 6.0.6 may allow a single low-privileged user to induce a denial of service via multiple HTTP requests.
Fortinet Fortiportal
6.5
CVSSv3
CVE-2021-36168
A Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') in Fortinet FortiPortal 6.x prior to 6.0.5, FortiPortal 5.3.x prior to 5.3.6 and any FortiPortal prior to 6.2.5 allows authenticated malicious user to disclosure information via crafted GET...
Fortinet Fortiportal
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
SSTI
CVE-2024-35863
CVE-2024-35910
man-in-the-middle
CVE-2024-35912
CVE-2024-25742
LFI
CVE-2024-32002
CVE-2024-22120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
NEXT »