Vulnerabilities > Fortinet > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-12-08 | CVE-2021-41030 | Authentication Bypass by Capture-replay vulnerability in Fortinet Forticlient Enterprise Management Server An authentication bypass by capture-replay vulnerability [CWE-294] in FortiClient EMS versions 7.0.1 and below and 6.4.4 and below may allow an unauthenticated attacker to impersonate an existing user by intercepting and re-using valid SAML authentication messages. | 9.1 |
| 2021-12-08 | CVE-2021-26109 | Integer Overflow or Wraparound vulnerability in Fortinet Fortios An integer overflow or wraparound vulnerability in the memory allocator of SSLVPN in FortiOS before 7.0.1 may allow an unauthenticated attacker to corrupt control data on the heap via specifically crafted requests to SSLVPN, resulting in potentially arbitrary code execution. | 9.8 |
| 2021-11-02 | CVE-2021-36186 | Out-of-bounds Write vulnerability in Fortinet Fortiweb A stack-based buffer overflow in Fortinet FortiWeb version 6.4.0, version 6.3.15 and below, 6.2.5 and below allows attacker to execute unauthorized code or commands via crafted HTTP requests | 9.8 |
| 2021-10-06 | CVE-2021-24019 | Insufficient Session Expiration vulnerability in Fortinet Forticlient Endpoint Management Server An insufficient session expiration vulnerability [CWE- 613] in FortiClientEMS versions 6.4.2 and below, 6.2.8 and below may allow an attacker to reuse the unexpired admin user session IDs to gain admin privileges, should the attacker be able to obtain that session ID (via other, hypothetical attacks) | 9.8 |
| 2021-08-18 | CVE-2021-32588 | Use of Hard-coded Credentials vulnerability in Fortinet Fortiportal A use of hard-coded credentials (CWE-798) vulnerability in FortiPortal versions 5.2.5 and below, 5.3.5 and below, 6.0.4 and below, versions 5.1.x and 5.0.x may allow a remote and unauthenticated attacker to execute unauthorized commands as root by uploading and deploying malicious web application archive files using the default hard-coded Tomcat Manager username and password. | 9.8 |
| 2021-07-12 | CVE-2021-26088 | Improper Authentication vulnerability in Fortinet Single Sign-On An improper authentication vulnerability in FSSO Collector version 5.0.295 and below may allow an unauthenticated user to bypass a FSSO firewall policy and access the protected network via sending specifically crafted UDP login notification packets. | 9.6 |
| 2021-07-09 | CVE-2021-24007 | SQL Injection vulnerability in Fortinet Fortimail Multiple improper neutralization of special elements of SQL commands vulnerabilities in FortiMail before 6.4.4 may allow a non-authenticated attacker to execute unauthorized code or commands via specifically crafted HTTP requests. | 9.8 |
| 2021-07-09 | CVE-2021-24020 | Improper Verification of Cryptographic Signature vulnerability in Fortinet Fortimail A missing cryptographic step in the implementation of the hash digest algorithm in FortiMail 6.4.0 through 6.4.4, and 6.2.0 through 6.2.7 may allow an unauthenticated attacker to tamper with signed URLs by appending further data which allows bypass of signature verification. | 9.8 |
| 2021-02-08 | CVE-2020-6649 | Insufficient Session Expiration vulnerability in Fortinet Fortiisolator An insufficient session expiration vulnerability in FortiNet's FortiIsolator version 2.0.1 and below may allow an attacker to reuse the unexpired admin user session IDs to gain admin privileges, should the attacker be able to obtain that session ID (via other, hypothetical attacks) | 9.8 |
| 2021-01-14 | CVE-2020-29016 | Out-of-bounds Write vulnerability in Fortinet Fortiweb A stack-based buffer overflow vulnerability in FortiWeb 6.3.0 through 6.3.5 and version before 6.2.4 may allow an unauthenticated, remote attacker to overwrite the content of the stack and potentially execute arbitrary code by sending a crafted request with a large certname. | 9.8 |