Fortinet

Fortios

236 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.5

CVE-2022-35842

  • EPSS 0.57%
  • Veröffentlicht 02.11.2022 12:15:53
  • Zuletzt bearbeitet 21.11.2024 07:11:48

An exposure of sensitive information to an unauthorized actor vulnerabiltiy [CWE-200] in FortiOS SSL-VPN versions 7.2.0, versions 7.0.0 through 7.0.6 and versions 6.4.0 through 6.4.9 may allow a remote unauthenticated attacker to gain information abo...

8.6

CVE-2022-26122

  • EPSS 0.11%
  • Veröffentlicht 02.11.2022 12:15:52
  • Zuletzt bearbeitet 21.11.2024 06:53:28

An insufficient verification of data authenticity vulnerability [CWE-345] in FortiClient, FortiMail and FortiOS AV engines version 6.2.168 and below and version 6.4.274 and below may allow an attacker to bypass the AV engine via manipulating MIME att...

8.1

CVE-2022-30307

  • EPSS 0.22%
  • Veröffentlicht 02.11.2022 12:15:52
  • Zuletzt bearbeitet 21.11.2024 07:02:32

A key management error vulnerability [CWE-320] affecting the RSA SSH host key in FortiOS 7.2.0 and below, 7.0.6 and below, 6.4.9 and below may allow an unauthenticated attacker to perform a man in the middle attack.

7.5

CVE-2022-29055

  • EPSS 0.21%
  • Veröffentlicht 18.10.2022 15:15:09
  • Zuletzt bearbeitet 21.11.2024 06:58:25

A access of uninitialized pointer in Fortinet FortiOS version 7.2.0, 7.0.0 through 7.0.5, 6.4.0 through 6.4.8, 6.2.0 through 6.2.10, 6.0.x, FortiProxy version 7.0.0 through 7.0.4, 2.0.0 through 2.0.9, 1.2.x allows a remote unauthenticated or authenti...

9.8

CVE-2022-40684

Warnung Exploit
  • EPSS 94.43%
  • Veröffentlicht 18.10.2022 14:15:09
  • Zuletzt bearbeitet 19.02.2025 19:37:18

An authentication bypass using an alternate path or channel [CWE-288] in Fortinet FortiOS version 7.2.0 through 7.2.1 and 7.0.0 through 7.0.6, FortiProxy version 7.2.0 and version 7.0.0 through 7.0.6 and FortiSwitchManager version 7.2.0 and 7.0.0 all...

8

CVE-2021-44171

  • EPSS 0.26%
  • Veröffentlicht 10.10.2022 14:15:09
  • Zuletzt bearbeitet 21.11.2024 06:30:29

A improper neutralization of special elements used in an os command ('os command injection') in Fortinet FortiOS version 6.0.0 through 6.0.14, FortiOS version 6.2.0 through 6.2.10, FortiOS version 6.4.0 through 6.4.8, FortiOS version 7.0.0 through 7....

3.3

CVE-2022-29053

  • EPSS 0.11%
  • Veröffentlicht 06.09.2022 18:15:13
  • Zuletzt bearbeitet 21.11.2024 06:58:24

A missing cryptographic steps vulnerability [CWE-325] in the functions that encrypt the keytab files in FortiOS version 7.2.0, 7.0.0 through 7.0.5 and below 7.0.0 may allow an attacker in possession of the encrypted file to decipher it.

7.5

CVE-2022-27491

  • EPSS 0.05%
  • Veröffentlicht 06.09.2022 18:15:12
  • Zuletzt bearbeitet 21.11.2024 06:55:49

A improper verification of source of a communication channel in Fortinet FortiOS with IPS engine version 7.201 through 7.214, 7.001 through 7.113, 6.001 through 6.121, 5.001 through 5.258 and before 4.086 allows a remote and unauthenticated attacker ...

5.4

CVE-2021-43080

  • EPSS 0.56%
  • Veröffentlicht 06.09.2022 16:15:08
  • Zuletzt bearbeitet 21.11.2024 06:28:39

An improper neutralization of input during web page generation vulnerability [CWE-79] in FortiOS version 7.2.0, version 6.4.0 through 6.4.9, version 7.0.0 through 7.0.5 may allow an authenticated attacker to perform a stored cross site scripting (XSS...

7.8

CVE-2022-22299

  • EPSS 0.04%
  • Veröffentlicht 05.08.2022 20:15:08
  • Zuletzt bearbeitet 21.11.2024 06:46:35

A format string vulnerability [CWE-134] in the command line interpreter of FortiADC version 6.0.0 through 6.0.4, FortiADC version 6.1.0 through 6.1.5, FortiADC version 6.2.0 through 6.2.1, FortiProxy version 1.0.0 through 1.0.7, FortiProxy version 1....