Fortinet : Security Vulnerabilities, CVEs, Published In 2017 (Gain Privilege)
A privilege escalation in Fortinet FortiClient Windows 5.4.3 and earlier as well as 5.6.0 allows attacker to gain privilege via exploiting the Windows "security alert" dialog thereby popping up when the "VPN before logon" feature is enabled and an untrusted certificate chain.
Max CVSS
8.1
EPSS Score
0.88%
Published
2017-12-14
Updated
2019-10-03
Cross-site scripting (XSS) vulnerability in Fortinet FortiManager 5.0.x before 5.0.11, 5.2.x before 5.2.2 allows remote authenticated users to inject arbitrary web script or HTML via vectors involving unspecified parameters and a privilege escalation attack.
Max CVSS
5.4
EPSS Score
0.08%
Published
2017-08-11
Updated
2017-08-26
2 vulnerabilities found