Vulnerabilities > Fortinet > Fortios > 7.0.4
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2022-10-18 | CVE-2022-29055 | Access of Uninitialized Pointer vulnerability in Fortinet Fortios and Fortiproxy A access of uninitialized pointer in Fortinet FortiOS version 7.2.0, 7.0.0 through 7.0.5, 6.4.0 through 6.4.8, 6.2.0 through 6.2.10, 6.0.x, FortiProxy version 7.0.0 through 7.0.4, 2.0.0 through 2.0.9, 1.2.x allows a remote unauthenticated or authenticated attacker to crash the sslvpn daemon via an HTTP GET request. | 7.5 |
2022-10-18 | CVE-2022-40684 | Improper Authentication vulnerability in Fortinet Fortios, Fortiproxy and Fortiswitchmanager An authentication bypass using an alternate path or channel [CWE-288] in Fortinet FortiOS version 7.2.0 through 7.2.1 and 7.0.0 through 7.0.6, FortiProxy version 7.2.0 and version 7.0.0 through 7.0.6 and FortiSwitchManager version 7.2.0 and 7.0.0 allows an unauthenticated atttacker to perform operations on the administrative interface via specially crafted HTTP or HTTPS requests. | 9.8 |
2022-08-03 | CVE-2022-23442 | Unspecified vulnerability in Fortinet Fortios An improper access control vulnerability [CWE-284] in FortiOS versions 6.2.0 through 6.2.11, 6.4.0 through 6.4.8 and 7.0.0 through 7.0.5 may allow an authenticated attacker with a restricted user profile to gather the checksum information about the other VDOMs via CLI commands. | 4.3 |