| # |
CVE ID
|
CWE ID
|
# of Exploits
|
Vulnerability Type(s)
|
Publish Date
|
Update Date
|
Score
|
Gained Access Level
|
Access
|
Complexity
|
Authentication
|
Conf.
|
Integ.
|
Avail.
|
|
1 |
CVE-2022-22303 |
200 |
|
+Priv +Info |
2022-03-02 |
2022-03-10 |
2.1 |
None |
Local |
Low |
Not required |
Partial |
None |
None |
|
An exposure of sensitive system information to an unauthorized control sphere vulnerability [CWE-497] in FortiManager versions prior to 7.0.2, 6.4.7 and 6.2.9 may allow a low privileged authenticated user to gain access to the FortiGate users credentials via the config conflict file. |
|
2 |
CVE-2022-22300 |
863 |
|
Bypass |
2022-03-01 |
2022-03-09 |
6.5 |
None |
Remote |
Low |
??? |
Partial |
Partial |
Partial |
|
A improper handling of insufficient permissions or privileges in Fortinet FortiAnalyzer version 5.6.0 through 5.6.11, FortiAnalyzer version 6.0.0 through 6.0.11, FortiAnalyzer version 6.2.0 through 6.2.9, FortiAnalyzer version 6.4.0 through 6.4.7, FortiAnalyzer version 7.0.0 through 7 .0.2, FortiManager version 5.6.0 through 5.6.11, FortiManager version 6.0.0 through 6.0.11, FortiManager version 6.2.0 through 6.2.9, FortiManager version 6.4.0 through 6.4.7, FortiManager version 7.0.0 through 7.0.2 allows attacker to bypass the device policy and force the password-change action for its user. |
|
3 |
CVE-2021-42757 |
120 |
|
Exec Code Overflow |
2021-12-08 |
2021-12-09 |
4.6 |
None |
Local |
Low |
Not required |
Partial |
Partial |
Partial |
|
A buffer overflow [CWE-121] in the TFTP client library of FortiOS before 6.4.7 and FortiOS 7.0.0 through 7.0.2, may allow an authenticated local attacker to achieve arbitrary code execution via specially crafted command line arguments. |
|
4 |
CVE-2021-36192 |
200 |
|
+Info |
2021-11-03 |
2022-05-03 |
2.1 |
None |
Local |
Low |
Not required |
Partial |
None |
None |
|
An exposure of sensitive information to an unauthorized actor [CWE-200] vulnerability in FortiManager 7.0.1 and below, 6.4.6 and below, 6.2.x, 6.0.x, 5.6.0 may allow a FortiGate user to see scripts from other ADOMS. |
|
5 |
CVE-2021-36170 |
522 |
|
|
2021-10-06 |
2021-10-14 |
2.1 |
None |
Local |
Low |
Not required |
Partial |
None |
None |
|
An information disclosure vulnerability [CWE-200] in FortiAnalyzerVM and FortiManagerVM versions 7.0.0 and 6.4.6 and below may allow an authenticated attacker to read the FortiCloud credentials which were used to activate the trial license in cleartext. |
|
6 |
CVE-2021-32603 |
918 |
|
|
2021-08-05 |
2021-08-12 |
4.0 |
None |
Remote |
Low |
??? |
Partial |
None |
None |
|
A server-side request forgery (SSRF) (CWE-918) vulnerability in FortiManager and FortiAnalyser GUI 7.0.0, 6.4.5 and below, 6.2.7 and below, 6.0.11 and below, 5.6.11 and below may allow a remote and authenticated attacker to access unauthorized files and services on the system via specifically crafted web requests. |
|
7 |
CVE-2021-32598 |
444 |
|
Http R.Spl. |
2021-08-05 |
2021-08-12 |
4.0 |
None |
Remote |
Low |
??? |
None |
Partial |
None |
|
An improper neutralization of CRLF sequences in HTTP headers ('HTTP Response Splitting') vulnerability In FortiManager and FortiAnalyzer GUI 7.0.0, 6.4.6 and below, 6.2.8 and below, 6.0.11 and below, 5.6.11 and below may allow an authenticated and remote attacker to perform an HTTP request splitting attack which gives attackers control of the remaining headers and body of the response. |
|
8 |
CVE-2021-32597 |
79 |
|
XSS |
2021-08-06 |
2021-08-13 |
3.5 |
None |
Remote |
Medium |
??? |
None |
Partial |
None |
|
Multiple improper neutralization of input during web page generation (CWE-79) in FortiManager and FortiAnalyzer versions 7.0.0, 6.4.5 and below, 6.2.7 and below user interface, may allow a remote authenticated attacker to perform a Stored Cross Site Scripting attack (XSS) by injecting malicious payload in GET parameters. |
|
9 |
CVE-2021-32587 |
863 |
|
|
2021-08-06 |
2021-09-21 |
4.0 |
None |
Remote |
Low |
??? |
Partial |
None |
None |
|
An improper access control vulnerability in FortiManager and FortiAnalyzer GUI interface 7.0.0, 6.4.5 and below, 6.2.8 and below, 6.0.11 and below, 5.6.11 and below may allow a remote and authenticated attacker with restricted user profile to retrieve the list of administrative users of other ADOMs and their related configuration. |
|
10 |
CVE-2021-26104 |
78 |
|
Exec Code |
2022-04-06 |
2022-04-22 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
|
Multiple OS command injection (CWE-78) vulnerabilities in the command line interface of FortiManager 6.2.7 and below, 6.4.5 and below and all versions of 6.2.x, 6.0.x and 5.6.x, FortiAnalyzer 6.2.7 and below, 6.4.5 and below and all versions of 6.2.x, 6.0.x and 5.6.x, and FortiPortal 5.2.5 and below, 5.3.5 and below and 6.0.4 and below may allow a local authenticated and unprivileged user to execute arbitrary shell commands as root via specifically crafted CLI command parameters. |
|
11 |
CVE-2021-24022 |
120 |
|
DoS Overflow |
2021-07-20 |
2021-07-29 |
2.1 |
None |
Local |
Low |
Not required |
None |
None |
Partial |
|
A buffer overflow vulnerability in FortiAnalyzer CLI 6.4.5 and below, 6.2.7 and below, 6.0.x and FortiManager CLI 6.4.5 and below, 6.2.7 and below, 6.0.x may allow an authenticated, local attacker to perform a Denial of Service attack by running the `diagnose system geoip-city` command with a large ip value. |
|
12 |
CVE-2021-24017 |
287 |
|
|
2021-09-30 |
2021-10-08 |
4.0 |
None |
Remote |
Low |
??? |
None |
Partial |
None |
|
An improper authentication in Fortinet FortiManager version 6.4.3 and below, 6.2.6 and below allows attacker to assign arbitrary Policy and Object modules via crafted requests to the request handler. |
|
13 |
CVE-2021-24016 |
1236 |
|
Exec Code |
2021-09-30 |
2021-10-08 |
9.3 |
None |
Remote |
Medium |
Not required |
Complete |
Complete |
Complete |
|
An improper neutralization of formula elements in a csv file in Fortinet FortiManager version 6.4.3 and below, 6.2.7 and below allows attacker to execute arbitrary commands via crafted IPv4 field in policy name, when exported as excel file and opened unsafely on the victim host. |
|
14 |
CVE-2021-24006 |
863 |
|
|
2021-09-06 |
2021-09-10 |
6.5 |
None |
Remote |
Low |
??? |
Partial |
Partial |
Partial |
|
An improper access control vulnerability in FortiManager versions 6.4.0 to 6.4.3 may allow an authenticated attacker with a restricted user profile to access the SD-WAN Orchestrator panel via directly visiting its URL. |
|
15 |
CVE-2020-12811 |
79 |
|
XSS |
2020-09-24 |
2020-09-30 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
An improper neutralization of script-related HTML tags in a web page in FortiManager 6.2.0, 6.2.1, 6.2.2, and 6.2.3and FortiAnalyzer 6.2.0, 6.2.1, 6.2.2, and 6.2.3 may allow an attacker to execute a cross site scripting (XSS) via the Identify Provider name field. |
|
16 |
CVE-2020-9289 |
798 |
|
|
2020-06-16 |
2020-07-24 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
Use of a hard-coded cryptographic key to encrypt password data in CLI configuration in FortiManager 6.2.3 and below, FortiAnalyzer 6.2.3 and below may allow an attacker with access to the CLI configuration or the CLI backup file to decrypt the sensitive data, via knowledge of the hard-coded key. |
|
17 |
CVE-2019-17657 |
400 |
|
DoS |
2020-04-07 |
2020-04-08 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
An Uncontrolled Resource Consumption vulnerability in Fortinet FortiSwitch below 3.6.11, 6.0.6 and 6.2.2, FortiAnalyzer below 6.2.3, FortiManager below 6.2.3 and FortiAP-S/W2 below 6.2.2 may allow an attacker to cause admin webUI denial of service (DoS) via handling special crafted HTTP requests/responses in pieces slowly, as demonstrated by Slow HTTP DoS Attacks. |
|
18 |
CVE-2019-17654 |
345 |
|
|
2020-03-15 |
2020-03-19 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
An Insufficient Verification of Data Authenticity vulnerability in FortiManager 6.2.1, 6.2.0, 6.0.6 and below may allow an unauthenticated attacker to perform a Cross-Site WebSocket Hijacking (CSWSH) attack. |
|
19 |
CVE-2018-13375 |
79 |
|
Exec Code XSS |
2019-05-28 |
2019-05-30 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
An Improper Neutralization of Script-Related HTML Tags in Fortinet FortiAnalyzer 5.6.0 and below and FortiManager 5.6.0 and below allows an attacker to send DHCP request containing malicious scripts in the HOSTNAME parameter. The malicious script code is executed while viewing the logs in FortiAnalyzer and FortiManager (with FortiAnalyzer feature enabled). |
|
20 |
CVE-2018-1360 |
319 |
|
|
2019-04-25 |
2019-10-03 |
4.3 |
None |
Remote |
Medium |
Not required |
Partial |
None |
None |
|
A cleartext transmission of sensitive information vulnerability in Fortinet FortiManager 5.2.0 through 5.2.7, 5.4.0 and 5.4.1 may allow an unauthenticated attacker in a man in the middle position to retrieve the admin password via intercepting REST API JSON responses. |
|
21 |
CVE-2018-1355 |
601 |
|
|
2018-06-27 |
2019-03-08 |
5.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
None |
|
An open redirect vulnerability in Fortinet FortiManager 6.0.0, 5.6.5 and below versions, FortiAnalyzer 6.0.0, 5.6.5 and below versions allows attacker to inject script code during converting a HTML table to a PDF document under the FortiView feature. An attacker may be able to social engineer an authenticated user into generating a PDF file containing injected malicious URLs. |
|
22 |
CVE-2018-1354 |
732 |
|
|
2018-06-27 |
2019-10-03 |
4.0 |
None |
Remote |
Low |
??? |
None |
Partial |
None |
|
An improper access control vulnerability in Fortinet FortiManager 6.0.0, 5.6.5 and below versions, FortiAnalyzer 6.0.0, 5.6.5 and below versions allows a regular user edit the avatar picture of other users with arbitrary content. |
|
23 |
CVE-2018-1353 |
200 |
|
+Info |
2018-09-05 |
2018-10-25 |
4.0 |
None |
Remote |
Low |
??? |
Partial |
None |
None |
|
An information disclosure vulnerability in Fortinet FortiManager 6.0.1 and below versions allows a standard user with adom assignment read the interface settings of vdoms unrelated to the assigned adom. |
|
24 |
CVE-2018-1351 |
79 |
|
Exec Code XSS |
2018-06-28 |
2020-01-22 |
3.5 |
None |
Remote |
Medium |
??? |
None |
Partial |
None |
|
A Cross-site Scripting (XSS) vulnerability in Fortinet FortiManager 6.0.0, 5.6.6 and below versions allows attacker to execute HTML/javascript code via managed remote devices CLI commands by viewing the remote device CLI config installation log. |
|
25 |
CVE-2015-3613 |
269 |
|
|
2020-02-04 |
2020-02-05 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
A vulnerability exists in in FortiManager 5.2.1 and earlier and 5.0.10 and earlier in the WebUI FTP backup page |
|
26 |
CVE-2015-3612 |
79 |
|
XSS |
2020-02-04 |
2020-02-05 |
3.5 |
None |
Remote |
Medium |
??? |
None |
Partial |
None |
|
A Cross-site Scripting (XSS) vulnerability exists in FortiManager 5.2.1 and earlier and 5.0.10 and earlier via an unspecified parameter in the FortiWeb auto update service page. |
|
27 |
CVE-2015-3611 |
78 |
|
|
2020-02-04 |
2020-02-05 |
9.0 |
None |
Remote |
Low |
??? |
Complete |
Complete |
Complete |
|
A Command Injection vulnerability exists in FortiManager 5.2.1 and earlier and FortiManager 5.0.10 and earlier via unspecified vectors, which could let a malicious user run systems commands when executing a report. |
