Vulnerabilities > Fortinet > Critical

DATE CVE VULNERABILITY TITLE RISK
2021-10-06 CVE-2021-24019 Insufficient Session Expiration vulnerability in Fortinet Forticlient Endpoint Management Server
An insufficient session expiration vulnerability [CWE- 613] in FortiClientEMS versions 6.4.2 and below, 6.2.8 and below may allow an attacker to reuse the unexpired admin user session IDs to gain admin privileges, should the attacker be able to obtain that session ID (via other, hypothetical attacks)
network
low complexity
fortinet CWE-613
critical
9.8
2021-08-18 CVE-2021-32588 Use of Hard-coded Credentials vulnerability in Fortinet Fortiportal
A use of hard-coded credentials (CWE-798) vulnerability in FortiPortal versions 5.2.5 and below, 5.3.5 and below, 6.0.4 and below, versions 5.1.x and 5.0.x may allow a remote and unauthenticated attacker to execute unauthorized commands as root by uploading and deploying malicious web application archive files using the default hard-coded Tomcat Manager username and password.
network
low complexity
fortinet CWE-798
critical
9.8
2021-07-12 CVE-2021-26088 Improper Authentication vulnerability in Fortinet Single Sign-On
An improper authentication vulnerability in FSSO Collector version 5.0.295 and below may allow an unauthenticated user to bypass a FSSO firewall policy and access the protected network via sending specifically crafted UDP login notification packets.
low complexity
fortinet CWE-287
critical
9.6
2021-07-09 CVE-2021-24007 SQL Injection vulnerability in Fortinet Fortimail
Multiple improper neutralization of special elements of SQL commands vulnerabilities in FortiMail before 6.4.4 may allow a non-authenticated attacker to execute unauthorized code or commands via specifically crafted HTTP requests.
network
low complexity
fortinet CWE-89
critical
9.8
2021-07-09 CVE-2021-24020 Improper Verification of Cryptographic Signature vulnerability in Fortinet Fortimail
A missing cryptographic step in the implementation of the hash digest algorithm in FortiMail 6.4.0 through 6.4.4, and 6.2.0 through 6.2.7 may allow an unauthenticated attacker to tamper with signed URLs by appending further data which allows bypass of signature verification.
network
low complexity
fortinet CWE-347
critical
9.8
2021-02-08 CVE-2020-6649 Insufficient Session Expiration vulnerability in Fortinet Fortiisolator
An insufficient session expiration vulnerability in FortiNet's FortiIsolator version 2.0.1 and below may allow an attacker to reuse the unexpired admin user session IDs to gain admin privileges, should the attacker be able to obtain that session ID (via other, hypothetical attacks)
network
low complexity
fortinet CWE-613
critical
9.8
2021-01-14 CVE-2020-29016 Out-of-bounds Write vulnerability in Fortinet Fortiweb
A stack-based buffer overflow vulnerability in FortiWeb 6.3.0 through 6.3.5 and version before 6.2.4 may allow an unauthenticated, remote attacker to overwrite the content of the stack and potentially execute arbitrary code by sending a crafted request with a large certname.
network
low complexity
fortinet CWE-787
critical
9.8
2021-01-14 CVE-2020-29015 SQL Injection vulnerability in Fortinet Fortiweb
A blind SQL injection in the user interface of FortiWeb 6.3.0 through 6.3.7 and version before 6.2.4 may allow an unauthenticated, remote attacker to execute arbitrary SQL queries or commands by sending a request with a crafted Authorization header containing a malicious SQL statement.
network
low complexity
fortinet CWE-89
critical
9.8
2020-07-24 CVE-2020-12812 Improper Handling of Case Sensitivity vulnerability in Fortinet Fortios
An improper authentication vulnerability in SSL VPN in FortiOS 6.4.0, 6.2.0 to 6.2.3, 6.0.9 and below may result in a user being able to log in successfully without being prompted for the second factor of authentication (FortiToken) if they changed the case of their username.
network
low complexity
fortinet CWE-178
critical
9.8
2020-06-04 CVE-2020-9292 Unquoted Search Path or Element vulnerability in Fortinet Fortisiem Windows Agent 3.0/3.1.2
An unquoted service path vulnerability in the FortiSIEM Windows Agent component may allow an attacker to gain elevated privileges via the AoWinAgt executable service path.
network
low complexity
fortinet CWE-428
critical
9.8