Fortinet

Fortimanager

98 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.5

CVE-2024-52964

  • EPSS 0.23%
  • Published 12.08.2025 18:59:45
  • Last modified 14.08.2025 01:15:15

An Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability [CWE-22] in Fortinet FortiManager version 7.6.0 through 7.6.1, 7.4.0 through 7.4.5, 7.2.0 through 7.2.9 and below 7.0.13 & FortiManager Cloud version 7.6....

2.7

CVE-2025-24474

Media report
  • EPSS 0.03%
  • Published 08.07.2025 14:41:34
  • Last modified 22.07.2025 18:11:02

An Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability [CWE-89] in FortiManager 7.6.0 through 7.6.1, 7.4.0 through 7.4.6, 7.2 all versions, 7.0 all versions, 6.4 all versions; FortiManager Cloud 7.4.1 th...

4.3

CVE-2024-54020

  • EPSS 0.04%
  • Published 28.05.2025 07:55:32
  • Last modified 04.06.2025 14:34:54

A missing authorization in Fortinet FortiManager versions 7.2.0 through 7.2.1, and versions 7.0.0 through 7.0.7 may allow an authenticated attacker to overwrite global threat feeds via crafted update requests.

5.3

CVE-2024-52962

Media report
  • EPSS 0.05%
  • Published 08.04.2025 14:15:32
  • Last modified 23.07.2025 16:02:05

An Improper Output Neutralization for Logs vulnerability [CWE-117] in FortiAnalyzer version 7.6.1 and below, version 7.4.5 and below, version 7.2.8 and below, version 7.0.13 and below and FortiManager version 7.6.1 and below, version 7.4.5 and below,...

7.5

CVE-2024-50565

Media report
  • EPSS 0.06%
  • Published 08.04.2025 14:15:31
  • Last modified 25.07.2025 15:22:38

A improper restriction of communication channel to intended endpoints vulnerability [CWE-923] in Fortinet FortiOS version 7.4.0 through 7.4.3, 7.2.0 through 7.2.7, 7.0.0 through 7.0.14, 6.4.0 through 6.4.15 and 6.2.0 through 6.2.16, Fortinet FortiPro...

7.5

CVE-2024-26013

Media report
  • EPSS 0.07%
  • Published 08.04.2025 14:15:30
  • Last modified 25.07.2025 15:22:20

A improper restriction of communication channel to intended endpoints vulnerability [CWE-923] in Fortinet FortiOS version 7.4.0 through 7.4.4, 7.2.0 through 7.2.8, 7.0.0 through 7.0.15, 6.4.0 through 6.4.15 and before 6.2.16, Fortinet FortiProxy vers...

9.8

CVE-2023-25610

Warning
  • EPSS 23.08%
  • Published 24.03.2025 15:39:48
  • Last modified 24.07.2025 19:56:34

A buffer underwrite ('buffer underflow') vulnerability in the administrative interface of Fortinet FortiOS version 7.2.0 through 7.2.3, version 7.0.0 through 7.0.6, version 6.4.0 through 6.4.11 and version 6.2.12 and below, FortiProxy version 7.2.0 t...

6.5

CVE-2024-40585

  • EPSS 0.04%
  • Published 14.03.2025 15:45:46
  • Last modified 23.07.2025 21:13:40

An insertion of sensitive information into log file vulnerabilities [CWE-532] in FortiManager version 7.4.0, version 7.2.3 and below, version 7.0.8 and below, version 6.4.12 and below, version 6.2.11 and below and FortiAnalyzer version 7.4.0, version...

8.8

CVE-2024-46662

  • EPSS 0.07%
  • Published 14.03.2025 15:03:27
  • Last modified 24.07.2025 18:49:00

A improper neutralization of special elements used in a command ('command injection') in Fortinet FortiManager versions 7.4.1 through 7.4.3, FortiManager Cloud versions 7.4.1 through 7.4.3 allows attacker to escalation of privilege via specifically c...

6.7

CVE-2024-33501

  • EPSS 0.03%
  • Published 11.03.2025 14:54:41
  • Last modified 24.07.2025 19:05:16

Two improper neutralization of special elements used in an SQL Command ('SQL Injection') vulnerability [CWE-89] in Fortinet FortiAnalyzer version 7.4.0 through 7.4.2 and before 7.2.5, FortiManager version 7.4.0 through 7.4.2 and before 7.2.5 and Fort...