Vulnerabilities: Fortinet

DATE        CVE             RISK  VULNERABILITY TITLE

2021-09-08  CVE-2020-29012  5.0   Insufficient Session Expiration vulnerability in Fortinet FortiSandbox
    An insufficient session expiration vulnerability in FortiSandbox versions 3.2.1 and below may allow an attacker to reuse unexpired admin user session IDs to gain information about other users configured on the device, should the attacker be able to obtain such a session ID (via other, hypothetical attacks).
    Attack vector: network | Complexity: low | Vendor: fortinet | CWE-613

2021-09-08  CVE-2021-36179  6.5   Out-of-bounds Write vulnerability in Fortinet FortiWeb
    A stack-based buffer overflow in Fortinet FortiWeb versions 6.3.14 and below and 6.2.4 and below allows an attacker to execute unauthorized code or commands via crafted parameters in CLI command execution.
    Attack vector: network | Complexity: low | Vendor: fortinet | CWE-787

2021-09-08  CVE-2021-36182  6.5   OS Command Injection vulnerability in Fortinet FortiWeb
    An improper neutralization of special elements used in a command ('Command Injection') in Fortinet FortiWeb versions 6.3.13 and below allows an attacker to execute unauthorized code or commands via crafted HTTP requests.
    Attack vector: network | Complexity: low | Vendor: fortinet | CWE-78

2021-09-06  CVE-2021-24006  6.5   Incorrect Authorization vulnerability in Fortinet FortiManager
    An improper access control vulnerability in FortiManager versions 6.4.0 to 6.4.3 may allow an authenticated attacker with a restricted user profile to access the SD-WAN Orchestrator panel by directly visiting its URL.
    Attack vector: network | Complexity: low | Vendor: fortinet | CWE-863

2021-09-06  CVE-2020-15939  4.0   Unspecified vulnerability in Fortinet FortiSandbox
    An improper access control vulnerability (CWE-284) in FortiSandbox versions 3.2.1 and below and 3.1.4 and below may allow an authenticated, unprivileged attacker to download the device configuration file via the recovery URL.
    Attack vector: network | Complexity: low | Vendor: fortinet | CWE-284

2021-08-19  CVE-2021-32602  4.3   Cross-site Scripting vulnerability in Fortinet FortiPortal
    An improper neutralization of input during web page generation vulnerability (CWE-79) in the FortiPortal GUI versions 6.0.4 and below, 5.3.6 and below, 5.2.6 and below, 5.1.2 and below, 5.0.3 and below, 4.2.2 and below, 4.1.2 and below, and 4.0.4 and below may allow a remote and unauthenticated attacker to perform an XSS attack by sending a crafted request with an invalid lang parameter or with an invalid org.springframework.web.servlet.i18n.CookieLocaleResolver.LOCALE value.
    Attack vector: network | Vendor: fortinet | CWE-79

2021-08-18  CVE-2021-32588  10.0  Use of Hard-coded Credentials vulnerability in Fortinet FortiPortal
    A use of hard-coded credentials (CWE-798) vulnerability in FortiPortal versions 5.2.5 and below, 5.3.5 and below, 6.0.4 and below, and versions 5.1.x and 5.0.x may allow a remote and unauthenticated attacker to execute unauthorized commands as root by uploading and deploying malicious web application archive files using the default hard-coded Tomcat Manager username and password.
    Attack vector: network | Complexity: low | Vendor: fortinet | CWE-798 | Severity: critical

2021-08-06  CVE-2021-32587  4.0   Incorrect Authorization vulnerability in Fortinet FortiAnalyzer and FortiManager
    An improper access control vulnerability in the FortiManager and FortiAnalyzer GUI interface versions 7.0.0, 6.4.5 and below, 6.2.8 and below, 6.0.11 and below, and 5.6.11 and below may allow a remote and authenticated attacker with a restricted user profile to retrieve the list of administrative users of other ADOMs and their related configuration.
    Attack vector: network | Complexity: low | Vendor: fortinet | CWE-863

2021-08-06  CVE-2021-32597  3.5   Cross-site Scripting vulnerability in Fortinet FortiAnalyzer
    Multiple improper neutralization of input during web page generation vulnerabilities (CWE-79) in the FortiManager and FortiAnalyzer user interface versions 7.0.0, 6.4.5 and below, and 6.2.7 and below may allow a remote authenticated attacker to perform a stored cross-site scripting (XSS) attack by injecting a malicious payload in GET parameters.
    Attack vector: network | Vendor: fortinet | CWE-79

2021-08-05  CVE-2021-32598  4.0   HTTP Request Smuggling vulnerability in Fortinet FortiAnalyzer and FortiManager
    An improper neutralization of CRLF sequences in HTTP headers ('HTTP Response Splitting') vulnerability in the FortiManager and FortiAnalyzer GUI versions 7.0.0, 6.4.6 and below, 6.2.8 and below, 6.0.11 and below, and 5.6.11 and below may allow an authenticated and remote attacker to perform an HTTP request splitting attack, which gives the attacker control of the remaining headers and body of the response.
    Attack vector: network | Complexity: low | Vendor: fortinet | CWE-444