Vulnerabilities > Fortinet > Fortimail > 5.4.3

DATE CVE VULNERABILITY TITLE RISK
2021-07-09 CVE-2021-26100 Improper Verification of Cryptographic Signature vulnerability in Fortinet Fortimail
A missing cryptographic step in the Identity-Based Encryption service of FortiMail before 7.0.0 may allow an unauthenticated attacker who intercepts the encrypted messages to manipulate them in such a way that makes the tampering and the recovery of the plaintexts possible.
network
low complexity
fortinet CWE-347
5.0
5.0
2020-04-27 CVE-2020-9294 Improper Authentication vulnerability in Fortinet Fortimail
An improper authentication vulnerability in FortiMail 5.4.10, 6.0.7, 6.2.2 and earlier and FortiVoiceEntreprise 6.0.0 and 6.0.1 may allow a remote unauthenticated attacker to access the system as a legitimate user by requesting a password change via the user interface.
network
low complexity
fortinet CWE-287
critical
 9.8
9.8
2020-01-23 CVE-2019-15712 Unspecified vulnerability in Fortinet Fortimail
An improper access control vulnerability in FortiMail admin webUI 6.2.0, 6.0.0 to 6.0.6, 5.4.10 and below may allow administrators to access web console they should not be authorized for.
network
low complexity
fortinet
6.5
6.5
2020-01-23 CVE-2019-15707 Unspecified vulnerability in Fortinet Fortimail
An improper access control vulnerability in FortiMail admin webUI 6.2.0, 6.0.0 to 6.0.6, 5.4.10 and below may allow administrators to perform system backup config download they should not be authorized for.
network
low complexity
fortinet
4.0
4.0