Vulnerabilities > Fortinet > Fortiadc > 5.2.5
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-12-08 | CVE-2021-32591 | Unspecified vulnerability in Fortinet products A missing cryptographic steps vulnerability in the function that encrypts users' LDAP and RADIUS credentials in FortiSandbox before 4.0.1, FortiWeb before 6.3.12, FortiADC before 6.2.1, FortiMail 7.0.1 and earlier may allow an attacker in possession of the password store to compromise the confidentiality of the encrypted secrets. | 5.3 |
| 2021-12-08 | CVE-2021-42757 | Out-of-bounds Write vulnerability in Fortinet products A buffer overflow [CWE-121] in the TFTP client library of FortiOS before 6.4.7 and FortiOS 7.0.0 through 7.0.2, may allow an authenticated local attacker to achieve arbitrary code execution via specially crafted command line arguments. | 6.7 |
| 2021-11-02 | CVE-2020-15935 | Cleartext Storage of Sensitive Information vulnerability in Fortinet Fortiadc A cleartext storage of sensitive information in GUI in FortiADC versions 5.4.3 and below, 6.0.0 and below may allow a remote authenticated attacker to retrieve some sensitive information such as users LDAP passwords and RADIUS shared secret by deobfuscating the passwords entry fields. | 4.0 |
| 2021-04-12 | CVE-2021-24024 | Information Exposure Through Log Files vulnerability in Fortinet Fortiadc A clear text storage of sensitive information into log file vulnerability in FortiADCManager 5.3.0 and below, 5.2.1 and below and FortiADC 5.3.7 and below may allow a remote authenticated attacker to read other local users' password in log files. | 4.0 |
| 2020-03-13 | CVE-2019-6699 | Cross-site Scripting vulnerability in Fortinet Fortiadc An improper neutralization of input vulnerability in Fortinet FortiADC 5.3.3 and earlier may allow an attacker to execute a stored Cross Site Scripting (XSS) via a field in the traffic group interface. | 3.5 |