Fortinet

Fortimanager

98 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
4.3

CVE-2024-33506

  • EPSS 0.11%
  • Published 08.10.2024 15:15:14
  • Last modified 21.01.2025 22:01:13

An exposure of sensitive information to an unauthorized actor vulnerability [CWE-200] in FortiManager 7.4.2 and below, 7.2.5 and below, 7.0.12 and below allows a remote authenticated attacker assigned to an Administrative Domain (ADOM) to access devi...

6.5

CVE-2023-44254

  • EPSS 0.2%
  • Published 10.09.2024 15:15:14
  • Last modified 12.12.2024 13:56:07

An authorization bypass through user-controlled key [CWE-639] vulnerability in FortiAnalyzer version 7.4.1 and before 7.2.5 and FortiManager version 7.4.1 and before 7.2.5 may allow a remote attacker with low privileges to read sensitive data via a c...

7.8

CVE-2024-21757

  • EPSS 0.1%
  • Published 13.08.2024 16:15:08
  • Last modified 22.08.2024 14:34:54

A unverified password change in Fortinet FortiManager versions 7.0.0 through 7.0.10, versions 7.2.0 through 7.2.4, and versions 7.4.0 through 7.4.1, as well as Fortinet FortiAnalyzer versions 7.0.0 through 7.0.10, versions 7.2.0 through 7.2.4, and ve...

6.7

CVE-2023-47542

  • EPSS 0.16%
  • Published 09.04.2024 15:15:28
  • Last modified 17.01.2025 17:11:28

A improper neutralization of special elements used in a template engine [CWE-1336] in FortiManager versions 7.4.1 and below, versions 7.2.4 and below, and 7.0.10 and below allows attacker to execute unauthorized code or commands via specially crafted...

6.7

CVE-2023-41842

  • EPSS 0.07%
  • Published 12.03.2024 15:15:45
  • Last modified 11.07.2025 20:06:38

A use of externally-controlled format string vulnerability [CWE-134] in Fortinet FortiManager version 7.4.0 through 7.4.1, version 7.2.0 through 7.2.3 and before 7.0.10, Fortinet FortiAnalyzer version 7.4.0 through 7.4.1, version 7.2.0 through 7.2.3 ...

9.8

CVE-2023-36554

  • EPSS 0.2%
  • Published 12.03.2024 15:15:45
  • Last modified 21.11.2024 08:09:55

A improper access control in Fortinet FortiManager version 7.4.0, version 7.2.0 through 7.2.3, version 7.0.0 through 7.0.10, version 6.4.0 through 6.4.13, 6.2 all versions allows attacker to execute unauthorized code or commands via specially crafted...

8.8

CVE-2023-42791

  • EPSS 14.38%
  • Published 20.02.2024 14:15:08
  • Last modified 16.12.2024 22:23:14

A relative path traversal in Fortinet FortiManager version 7.4.0 and 7.2.0 through 7.2.3 and 7.0.0 through 7.0.8 and 6.4.0 through 6.4.12 and 6.2.0 through 6.2.11 allows attacker to execute unauthorized code or commands via crafted HTTP requests.

5

CVE-2023-44253

  • EPSS 0.33%
  • Published 15.02.2024 14:15:44
  • Last modified 21.11.2024 08:25:31

An exposure of sensitive information to an unauthorized actor vulnerability [CWE-200] in Fortinet FortiManager version 7.4.0 through 7.4.1 and before 7.2.5, FortiAnalyzer version 7.4.0 through 7.4.1 and before 7.2.5 and FortiAnalyzer-BigData before 7...

5.5

CVE-2023-40719

  • EPSS 0.05%
  • Published 14.11.2023 19:15:30
  • Last modified 21.11.2024 08:20:01

A use of hard-coded credentials vulnerability in Fortinet FortiAnalyzer and FortiManager 7.0.0 - 7.0.8, 7.2.0 - 7.2.3 and 7.4.0 allows an attacker to access Fortinet private testing data via the use of static credentials.

6.5

CVE-2023-44256

Exploit
  • EPSS 0.72%
  • Published 20.10.2023 10:15:12
  • Last modified 21.11.2024 08:25:31

A server-side request forgery vulnerability [CWE-918] in Fortinet FortiAnalyzer version 7.4.0, version 7.2.0 through 7.2.3 and before 7.0.8 and FortiManager version 7.4.0, version 7.2.0 through 7.2.3 and before 7.0.8 allows a remote attacker with low...