Vulnerabilities > Fortinet > Fortisandbox > 3.1.1
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-04-11 | CVE-2022-27485 | SQL Injection vulnerability in Fortinet Fortisandbox A improper neutralization of special elements used in an sql command ('sql injection') vulnerability [CWE-89] in Fortinet FortiSandbox version 4.2.0, 4.0.0 through 4.0.2, 3.2.0 through 3.2.3, 3.1.x and 3.0.x allows a remote and authenticated attacker with read permission to retrieve arbitrary files from the underlying Linux system via a crafted HTTP request. | 6.5 |
| 2023-04-11 | CVE-2022-27487 | Improper Privilege Management vulnerability in Fortinet Fortideceptor and Fortisandbox A improper privilege management in Fortinet FortiSandbox version 4.2.0 through 4.2.2, 4.0.0 through 4.0.2 and before 3.2.3 and FortiDeceptor version 4.1.0, 4.0.0 through 4.0.2 and before 3.3.3 allows a remote authenticated attacker to perform unauthorized API calls via crafted HTTP or HTTPS requests. | 8.8 |
| 2022-12-06 | CVE-2022-30305 | Improper Restriction of Excessive Authentication Attempts vulnerability in Fortinet Fortideceptor and Fortisandbox An insufficient logging [CWE-778] vulnerability in FortiSandbox versions 4.0.0 to 4.0.2, 3.2.0 to 3.2.3 and 3.1.0 to 3.1.5 and FortiDeceptor versions 4.2.0, 4.1.0 through 4.1.1, 4.0.0 through 4.0.2, 3.3.0 through 3.3.3, 3.2.0 through 3.2.2,3.1.0 through 3.1.1 and 3.0.0 through 3.0.2 may allow a remote attacker to repeatedly enter incorrect credentials without causing a log entry, and with no limit on the number of failed authentication attempts. | 7.5 |
| 2022-04-06 | CVE-2020-29013 | Improper Input Validation vulnerability in Fortinet Fortisandbox An improper input validation vulnerability in the sniffer interface of FortiSandbox before 3.2.2 may allow an authenticated attacker to silently halt the sniffer via specifically crafted requests. | 5.4 |
| 2021-09-08 | CVE-2020-29012 | Insufficient Session Expiration vulnerability in Fortinet Fortisandbox An insufficient session expiration vulnerability in FortiSandbox versions 3.2.1 and below may allow an attacker to reuse the unexpired admin user session IDs to gain information about other users configured on the device, should the attacker be able to obtain that session ID (via other, hypothetical attacks) | 5.3 |
| 2021-09-06 | CVE-2020-15939 | Unspecified vulnerability in Fortinet Fortisandbox An improper access control vulnerability (CWE-284) in FortiSandbox versions 3.2.1 and below and 3.1.4 and below may allow an authenticated, unprivileged attacker to download the device configuration file via the recovery URL. | 4.3 |
| 2021-08-04 | CVE-2021-22124 | Resource Exhaustion vulnerability in Fortinet Fortiauthenticator and Fortisandbox An uncontrolled resource consumption (denial of service) vulnerability in the login modules of FortiSandbox 3.2.0 through 3.2.2, 3.1.0 through 3.1.4, and 3.0.0 through 3.0.6; and FortiAuthenticator before 6.0.6 may allow an unauthenticated attacker to bring the device into an unresponsive state via specifically-crafted long request parameters. | 7.5 |
| 2021-08-04 | CVE-2021-24014 | Cross-site Scripting vulnerability in Fortinet Fortisandbox Multiple instances of improper neutralization of input during web page generation vulnerabilities in FortiSandbox before 4.0.0 may allow an unauthenticated attacker to perform an XSS attack via specifically crafted request parameters. | 6.1 |
| 2021-08-04 | CVE-2021-26096 | Out-of-bounds Write vulnerability in Fortinet Fortisandbox Multiple instances of heap-based buffer overflow in the command shell of FortiSandbox before 4.0.0 may allow an authenticated attacker to manipulate memory and alter its content by means of specifically crafted command line arguments. | 8.8 |
| 2021-08-04 | CVE-2020-29011 | SQL Injection vulnerability in Fortinet Fortisandbox Instances of SQL Injection vulnerabilities in the checksum search and MTA-quarantine modules of FortiSandbox 3.2.0 through 3.2.2, and 3.1.0 through 3.1.4 may allow an authenticated attacker to execute unauthorized code on the underlying SQL interpreter via specifically crafted HTTP requests. | 8.8 |