Vulnerabilities > Fortinet > Forticlient Enterprise Management Server > 6.0.1
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2024-02-15 | CVE-2023-45581 | Unspecified vulnerability in Fortinet Forticlient Enterprise Management Server An improper privilege management vulnerability [CWE-269] in Fortinet FortiClientEMS version 7.2.0 through 7.2.2 and before 7.0.10 allows an Site administrator with Super Admin privileges to perform global administrative operations affecting other sites via crafted HTTP or HTTPS requests. | 7.2 |
2021-12-01 | CVE-2021-32592 | Uncontrolled Search Path Element vulnerability in Fortinet products An unsafe search path vulnerability in FortiClientWindows 7.0.0, 6.4.6 and below, 6.2.x, 6.0.x and FortiClientEMS 7.0.0, 6.4.6 and below, 6.2.x, 6.0.x may allow an attacker to perform a DLL Hijack attack on affected devices via a malicious OpenSSL engine library in the search path. | 7.8 |
2021-11-02 | CVE-2020-15940 | Cross-site Scripting vulnerability in Fortinet Forticlient Enterprise Management Server An improper neutralization of input vulnerability [CWE-79] in FortiClientEMS versions 6.4.1 and below and 6.2.9 and below may allow a remote authenticated attacker to inject malicious script/tags via the name parameter of various sections of the server. | 5.4 |