Fortinet

Fortios

236 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.5

CVE-2022-35842

  • EPSS 0.57%
  • Published 02.11.2022 12:15:53
  • Last modified 21.11.2024 07:11:48

An exposure of sensitive information to an unauthorized actor vulnerabiltiy [CWE-200] in FortiOS SSL-VPN versions 7.2.0, versions 7.0.0 through 7.0.6 and versions 6.4.0 through 6.4.9 may allow a remote unauthenticated attacker to gain information abo...

8.6

CVE-2022-26122

  • EPSS 0.11%
  • Published 02.11.2022 12:15:52
  • Last modified 21.11.2024 06:53:28

An insufficient verification of data authenticity vulnerability [CWE-345] in FortiClient, FortiMail and FortiOS AV engines version 6.2.168 and below and version 6.4.274 and below may allow an attacker to bypass the AV engine via manipulating MIME att...

8.1

CVE-2022-30307

  • EPSS 0.22%
  • Published 02.11.2022 12:15:52
  • Last modified 21.11.2024 07:02:32

A key management error vulnerability [CWE-320] affecting the RSA SSH host key in FortiOS 7.2.0 and below, 7.0.6 and below, 6.4.9 and below may allow an unauthenticated attacker to perform a man in the middle attack.

7.5

CVE-2022-29055

  • EPSS 0.21%
  • Published 18.10.2022 15:15:09
  • Last modified 21.11.2024 06:58:25

A access of uninitialized pointer in Fortinet FortiOS version 7.2.0, 7.0.0 through 7.0.5, 6.4.0 through 6.4.8, 6.2.0 through 6.2.10, 6.0.x, FortiProxy version 7.0.0 through 7.0.4, 2.0.0 through 2.0.9, 1.2.x allows a remote unauthenticated or authenti...

9.8

CVE-2022-40684

Warning Exploit
  • EPSS 94.43%
  • Published 18.10.2022 14:15:09
  • Last modified 19.02.2025 19:37:18

An authentication bypass using an alternate path or channel [CWE-288] in Fortinet FortiOS version 7.2.0 through 7.2.1 and 7.0.0 through 7.0.6, FortiProxy version 7.2.0 and version 7.0.0 through 7.0.6 and FortiSwitchManager version 7.2.0 and 7.0.0 all...

8

CVE-2021-44171

  • EPSS 0.26%
  • Published 10.10.2022 14:15:09
  • Last modified 21.11.2024 06:30:29

A improper neutralization of special elements used in an os command ('os command injection') in Fortinet FortiOS version 6.0.0 through 6.0.14, FortiOS version 6.2.0 through 6.2.10, FortiOS version 6.4.0 through 6.4.8, FortiOS version 7.0.0 through 7....

3.3

CVE-2022-29053

  • EPSS 0.11%
  • Published 06.09.2022 18:15:13
  • Last modified 21.11.2024 06:58:24

A missing cryptographic steps vulnerability [CWE-325] in the functions that encrypt the keytab files in FortiOS version 7.2.0, 7.0.0 through 7.0.5 and below 7.0.0 may allow an attacker in possession of the encrypted file to decipher it.

7.5

CVE-2022-27491

  • EPSS 0.05%
  • Published 06.09.2022 18:15:12
  • Last modified 21.11.2024 06:55:49

A improper verification of source of a communication channel in Fortinet FortiOS with IPS engine version 7.201 through 7.214, 7.001 through 7.113, 6.001 through 6.121, 5.001 through 5.258 and before 4.086 allows a remote and unauthenticated attacker ...

5.4

CVE-2021-43080

  • EPSS 0.56%
  • Published 06.09.2022 16:15:08
  • Last modified 21.11.2024 06:28:39

An improper neutralization of input during web page generation vulnerability [CWE-79] in FortiOS version 7.2.0, version 6.4.0 through 6.4.9, version 7.0.0 through 7.0.5 may allow an authenticated attacker to perform a stored cross site scripting (XSS...

7.8

CVE-2022-22299

  • EPSS 0.04%
  • Published 05.08.2022 20:15:08
  • Last modified 21.11.2024 06:46:35

A format string vulnerability [CWE-134] in the command line interpreter of FortiADC version 6.0.0 through 6.0.4, FortiADC version 6.1.0 through 6.1.5, FortiADC version 6.2.0 through 6.2.1, FortiProxy version 1.0.0 through 1.0.7, FortiProxy version 1....