High

DATE	CVE	VULNERABILITY TITLE	RISK
2021-08-04	CVE-2021-22124	Resource Exhaustion vulnerability in Fortinet Fortiauthenticator and Fortisandbox An uncontrolled resource consumption (denial of service) vulnerability in the login modules of FortiSandbox 3.2.0 through 3.2.2, 3.1.0 through 3.1.4, and 3.0.0 through 3.0.6; and FortiAuthenticator before 6.0.6 may allow an unauthenticated attacker to bring the device into an unresponsive state via specifically-crafted long request parameters. network low complexity fortinet CWE-400	7.8
2015-02-03	CVE-2015-1455	Credentials Management vulnerability in Fortinet Fortiauthenticator 3.0.0 Fortinet FortiAuthenticator 3.0.0 has a password of (1) slony for the slony PostgreSQL user and (2) www-data for the www-data PostgreSQL user, which makes it easier for remote attackers to obtain access via unspecified vectors. network low complexity fortinet CWE-255	7.5