Fortinet

Fortimanager

98 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.7

CVE-2024-32123

  • EPSS 0.04%
  • Veröffentlicht 11.03.2025 14:54:38
  • Zuletzt bearbeitet 24.07.2025 19:05:03

Multiple improper neutralization of special elements used in an os command ('os command injection') in Fortinet FortiManager, FortiAnalyzer versions 7.4.0 through 7.4.2 7.2.0 through 7.2.5 and 7.0.0 through 7.0.12 and 6.4.0 through 6.4.14 and 6.2.0 ...

6

CVE-2024-36508

  • EPSS 0.1%
  • Veröffentlicht 11.02.2025 17:15:22
  • Zuletzt bearbeitet 24.07.2025 19:04:36

An improper limitation of a pathname to a restricted directory ('Path Traversal') vulnerability [CWE-22] in Fortinet FortiManager version 7.4.0 through 7.4.2 and before 7.2.5 and Fortinet FortiAnalyzer version 7.4.0 through 7.4.2 and before 7.2.5 CLI...

7.7

CVE-2024-33504

  • EPSS 0.04%
  • Veröffentlicht 11.02.2025 17:15:22
  • Zuletzt bearbeitet 24.07.2025 20:00:29

A use of hard-coded cryptographic key to encrypt sensitive data vulnerability [CWE-321] in FortiManager 7.6.0 through 7.6.1, 7.4.0 through 7.4.5, 7.2.0 through 7.2.9, 7.0 all versions, 6.4 all versions may allow an attacker with JSON API access permi...

7.2

CVE-2024-40584

  • EPSS 0.14%
  • Veröffentlicht 11.02.2025 17:15:22
  • Zuletzt bearbeitet 22.07.2025 21:37:17

An improper neutralization of special elements used in an OS command ('OS Command Injection') vulnerability [CWE-78] in Fortinet FortiAnalyzer version 7.4.0 through 7.4.3, 7.2.0 through 7.2.5, 7.0.0 through 7.0.13, 6.4.0 through 6.4.15 and 6.2.2 thro...

9.8

CVE-2024-50563

  • EPSS 0.25%
  • Veröffentlicht 16.01.2025 10:15:09
  • Zuletzt bearbeitet 24.09.2025 15:25:38

A weak authentication in Fortinet FortiManager Cloud, FortiAnalyzer versions 7.6.0 through 7.6.1, 7.4.1 through 7.4.3, FortiAnalyzer Cloud versions 7.4.1 through 7.4.3, FortiManager versions 7.6.0 through 7.6.1, 7.4.1 through 7.4.3, FortiManager Clou...

7.8

CVE-2024-45331

  • EPSS 0.02%
  • Veröffentlicht 16.01.2025 09:15:06
  • Zuletzt bearbeitet 03.02.2025 21:03:06

A incorrect privilege assignment in Fortinet FortiAnalyzer versions 7.4.0 through 7.4.3, 7.2.0 through 7.2.5, 7.0.0 through 7.0.13, 6.4.0 through 6.4.15, FortiManager versions 7.4.0 through 7.4.2, 7.2.0 through 7.2.5, 7.0.0 through 7.0.13, 6.4.0 thro...

8.8

CVE-2024-50566

  • EPSS 0.61%
  • Veröffentlicht 14.01.2025 14:15:33
  • Zuletzt bearbeitet 03.02.2025 22:09:31

A improper neutralization of special elements used in an os command ('os command injection') in Fortinet FortiManager versions 7.6.0 through 7.6.1, versions 7.4.5 through 7.4.0, and versions 7.2.1 through 7.2.8, FortiManager Cloud versions 7.6.0 thro...

9.8

CVE-2024-48886

  • EPSS 0.13%
  • Veröffentlicht 14.01.2025 14:15:33
  • Zuletzt bearbeitet 03.02.2025 22:16:04

A weak authentication in Fortinet FortiOS versions 7.4.0 through 7.4.4, 7.2.0 through 7.2.8, 7.0.0 through 7.0.15, 6.4.0 through 6.4.15, FortiProxy versions 7.4.0 through 7.4.4, 7.2.0 through 7.2.10, 7.0.0 through 7.0.17, 2.0.0 through 2.0.14, FortiM...

9.1

CVE-2024-48884

  • EPSS 0.54%
  • Veröffentlicht 14.01.2025 14:15:32
  • Zuletzt bearbeitet 08.08.2025 16:00:27

A improper limitation of a pathname to a restricted directory ('path traversal') in Fortinet FortiManager versions 7.6.0 through 7.6.1, 7.4.1 through 7.4.3, FortiOS versions 7.6.0, 7.4.0 through 7.4.4, 7.2.5 through 7.2.9, 7.0.0 through 7.0.15, 6.4.0...

9.8

CVE-2024-47571

  • EPSS 0.52%
  • Veröffentlicht 14.01.2025 14:15:32
  • Zuletzt bearbeitet 19.03.2025 16:03:34

An operation on a resource after expiration or release in Fortinet FortiManager 6.4.12 through 7.4.0 allows an attacker to gain improper access to FortiGate via valid credentials.