Fortinet

Fortipam

17 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
8.1

CVE-2024-26009

  • EPSS 0.13%
  • Veröffentlicht 12.08.2025 18:59:47
  • Zuletzt bearbeitet 14.08.2025 01:13:14

An authentication bypass using an alternate path or channel [CWE-288] vulnerability in Fortinet FortiOS version 6.4.0 through 6.4.15 and before 6.2.16, FortiProxy version 7.4.0 through 7.4.2, 7.2.0 through 7.2.8 and before 7.0.15 & FortiPAM before ve...

6.5

CVE-2025-25248

  • EPSS 0.06%
  • Veröffentlicht 12.08.2025 18:59:39
  • Zuletzt bearbeitet 14.08.2025 01:21:03

An Integer Overflow or Wraparound vulnerability [CWE-190] in FortiOS version 7.6.2 and below, version 7.4.7 and below, version 7.2.10 and below, 7.2 all versions, 6.4 all versions, FortiProxy version 7.6.2 and below, version 7.4.3 and below, 7.2 all ...

7.2

CVE-2023-45584

  • EPSS 0.19%
  • Veröffentlicht 12.08.2025 18:59:35
  • Zuletzt bearbeitet 14.08.2025 01:03:40

A double free vulnerability [CWE-415] in Fortinet FortiOS version 7.4.0, version 7.2.0 through 7.2.5 and before 7.0.12, FortiProxy version 7.4.0 through 7.4.1, version 7.2.0 through 7.2.7 and before 7.0.13 and FortiPAM version 1.1.0 through 1.1.2 and...

8.8

CVE-2025-22256

  • EPSS 0.03%
  • Veröffentlicht 10.06.2025 16:36:15
  • Zuletzt bearbeitet 24.07.2025 19:58:09

A improper handling of insufficient permissions or privileges in Fortinet FortiPAM 1.4.0 through 1.4.1, 1.3.0, 1.2.0, 1.1.0 through 1.1.2, 1.0.0 through 1.0.3, FortiSRA 1.4.0 through 1.4.1 allows attacker to improper access control via specially craf...

4.8

CVE-2024-50562

Medienbericht
  • EPSS 0.38%
  • Veröffentlicht 10.06.2025 16:36:10
  • Zuletzt bearbeitet 25.07.2025 15:25:23

An Insufficient Session Expiration vulnerability [CWE-613] in FortiOS SSL-VPN version 7.6.0, version 7.4.6 and below, version 7.2.10 and below, 7.0 all versions, 6.4 all versions may allow an attacker in possession of a cookie used to log in the SSL-...

7.2

CVE-2024-45324

  • EPSS 0.05%
  • Veröffentlicht 11.03.2025 14:54:33
  • Zuletzt bearbeitet 24.07.2025 19:06:14

A use of externally-controlled format string vulnerability [CWE-134] in FortiOS version 7.4.0 through 7.4.4, version 7.2.0 through 7.2.9, version 7.0.0 through 7.0.15 and before 6.4.15, FortiProxy version 7.4.0 through 7.4.6, version 7.2.0 through 7....

6.7

CVE-2023-40721

  • EPSS 0.04%
  • Veröffentlicht 11.02.2025 17:15:21
  • Zuletzt bearbeitet 24.07.2025 19:04:28

A use of externally-controlled format string vulnerability [CWE-134] in Fortinet FortiOS version 7.4.0 through 7.4.1 and before 7.2.6, FortiProxy version 7.4.0 and before 7.2.7, FortiPAM version 1.1.2 and before 1.0.3, FortiSwitchManager version 7.2....

9.8

CVE-2024-26011

  • EPSS 0.05%
  • Veröffentlicht 12.11.2024 19:15:08
  • Zuletzt bearbeitet 12.12.2024 19:33:58

A missing authentication for critical function in Fortinet FortiManager version 7.4.0 through 7.4.2, 7.2.0 through 7.2.4, 7.0.0 through 7.0.11, 6.4.0 through 6.4.14, FortiPAM version 1.2.0, 1.1.0 through 1.1.2, 1.0.0 through 1.0.3, FortiProxy version...

8.8

CVE-2022-45862

  • EPSS 0.21%
  • Veröffentlicht 13.08.2024 16:15:07
  • Zuletzt bearbeitet 22.08.2024 14:32:16

An insufficient session expiration vulnerability [CWE-613] vulnerability in FortiOS 7.2.5 and below, 7.0 all versions, 6.4 all versions; FortiProxy 7.2 all versions, 7.0 all versions; FortiPAM 1.3 all versions, 1.2 all versions, 1.1 all versions, 1.0...

7.5

CVE-2024-26010

  • EPSS 0.17%
  • Veröffentlicht 11.06.2024 15:16:04
  • Zuletzt bearbeitet 11.12.2024 19:54:35

A stack-based buffer overflow in Fortinet FortiPAM version 1.2.0, 1.1.0 through 1.1.2, 1.0.0 through 1.0.3, FortiWeb, FortiAuthenticator, FortiSwitchManager version 7.2.0 through 7.2.3, 7.0.1 through 7.0.3, FortiOS version 7.4.0 through 7.4.3, 7.2.0 ...