CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Fortinet : Security Vulnerabilities

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
101 CVE-2015-7362 264 +Priv 2016-01-08 2016-12-02
7.2
Admin Local Low Not required Complete Complete Complete
Fortinet FortiClient Linux SSLVPN before build 2313, when installed on Linux in a home directory that is world readable and executable, allows local users to gain privileges via the helper/subroc setuid program.
102 CVE-2015-7361 287 2015-10-15 2016-12-02
9.3
None Remote Medium Not required Complete Complete Complete
FortiOS 5.2.3, when configured to use High Availability (HA) and the dedicated management interface is enabled, does not require authentication for access to the ZebOS shell on the HA dedicated management interface, which allows remote attackers to obtain shell access via unspecified vectors.
103 CVE-2015-7360 79 XSS 2016-05-26 2018-10-09
4.3
None Remote Medium Not required None Partial None
Multiple cross-site scripting (XSS) vulnerabilities in the Web User Interface (WebUI) in Fortinet FortiSandbox before 2.1 allow remote attackers to inject arbitrary web script or HTML via the (1) serial parameter to alerts/summary/profile/; the (2) urlForCreatingReport parameter to csearch/report/export/; the (3) id parameter to analysis/detail/download/screenshot; or vectors related to (4) "Fortiview threats by users search filtered by vdom" or (5) "PCAP file download generated by the VM scan feature."
104 CVE-2015-5965 20 2015-08-11 2016-12-23
5.0
None Remote Low Not required None Partial None
The SSL-VPN feature in Fortinet FortiOS before 4.3.13 only checks the first byte of the TLS MAC in finished messages, which makes it easier for remote attackers to spoof encrypted content via a crafted MAC field.
105 CVE-2015-5738 200 +Info 2016-07-26 2017-09-02
7.8
None Remote Low Not required Complete None None
The RSA-CRT implementation in the Cavium Software Development Kit (SDK) 2.x, when used on OCTEON II CN6xxx Hardware on Linux to support TLS with Perfect Forward Secrecy (PFS), makes it easier for remote attackers to obtain private RSA keys by conducting a Lenstra side-channel attack.
106 CVE-2015-5737 264 2015-09-03 2018-10-09
7.2
None Local Low Not required Complete Complete Complete
The (1) mdare64_48.sys, (2) mdare32_48.sys, (3) mdare32_52.sys, (4) mdare64_52.sys, and (5) Fortishield.sys drivers in Fortinet FortiClient before 5.2.4 do not properly restrict access to the API for management of processes and the Windows registry, which allows local users to obtain a privileged handle to a PID and possibly have unspecified other impact, as demonstrated by a 0x2220c8 ioctl call.
107 CVE-2015-5736 264 Exec Code 2015-09-03 2018-10-09
7.2
None Local Low Not required Complete Complete Complete
The Fortishield.sys driver in Fortinet FortiClient before 5.2.4 allows local users to execute arbitrary code with kernel privileges by setting the callback function in a (1) 0x220024 or (2) 0x220028 ioctl call.
108 CVE-2015-5735 264 2015-09-03 2018-10-09
7.2
None Local Low Not required Complete Complete Complete
The (1) mdare64_48.sys, (2) mdare32_48.sys, (3) mdare32_52.sys, and (4) mdare64_52.sys drivers in Fortinet FortiClient before 5.2.4 allow local users to write to arbitrary memory locations via a 0x226108 ioctl call.
109 CVE-2015-4077 200 +Info 2015-09-03 2018-10-09
2.1
None Local Low Not required Partial None None
The (1) mdare64_48.sys, (2) mdare32_48.sys, (3) mdare32_52.sys, and (4) mdare64_52.sys drivers in Fortinet FortiClient before 5.2.4 allow local users to read arbitrary kernel memory via a 0x22608C ioctl call.
110 CVE-2015-3626 79 XSS 2015-08-11 2016-12-02
4.3
None Remote Medium Not required None Partial None
Cross-site scripting (XSS) vulnerability in the DHCP Monitor page in the Web User Interface (WebUI) in Fortinet FortiOS before 5.2.4 on FortiGate devices allows remote attackers to inject arbitrary web script or HTML via a crafted hostname.
111 CVE-2015-3620 79 XSS 2015-05-12 2018-10-09
4.3
None Remote Medium Not required None Partial None
Cross-site scripting (XSS) vulnerability in the advanced dataset reports page in Fortinet FortiAnalyzer 5.0.0 through 5.0.10 and 5.2.0 through 5.2.1 and FortiManager 5.0.3 through 5.0.10 and 5.2.0 through 5.2.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
112 CVE-2015-3617 264 +Priv 2017-08-22 2017-08-29
4.6
None Local Low Not required Partial Partial Partial
Fortinet FortiManager 5.0 before 5.0.11 and 5.2 before 5.2.2 allow local users to gain privileges via crafted CLI commands.
113 CVE-2015-3616 89 Exec Code Sql 2017-08-11 2017-08-25
7.5
None Remote Low Not required Partial Partial Partial
SQL injection vulnerability in Fortinet FortiManager 5.0.x before 5.0.11, 5.2.x before 5.2.2 allows remote attackers to execute arbitrary commands via unspecified parameters.
114 CVE-2015-3615 79 XSS 2017-08-11 2017-08-25
3.5
None Remote Medium Single system None Partial None
Cross-site scripting (XSS) vulnerability in Fortinet FortiManager 5.0.x before 5.0.11, 5.2.x before 5.2.2 allows remote authenticated users to inject arbitrary web script or HTML via vectors involving unspecified parameters and a privilege escalation attack.
115 CVE-2015-3614 200 +Info 2017-08-11 2017-08-25
5.0
None Remote Low Not required Partial None None
Fortinet FortiManager 5.0.x before 5.0.11, 5.2.x before 5.2.2 allows remote attackers to obtain arbitrary files via vectors involving another unspecified vulnerability.
116 CVE-2015-3293 200 +Info 2015-04-14 2017-01-02
4.0
None Remote Low Single system Partial None None
FortiMail 5.0.3 through 5.2.3 allows remote administrators to obtain credentials via the "diag debug application httpd" command.
117 CVE-2015-2323 310 2015-08-11 2016-12-02
6.4
None Remote Low Not required Partial Partial None
FortiOS 5.0.x before 5.0.12 and 5.2.x before 5.2.4 supports anonymous, export, RC4, and possibly other weak ciphers when using TLS to connect to FortiGuard servers, which allows man-in-the-middle attackers to spoof TLS content by modifying packets.
118 CVE-2015-2281 119 Exec Code Overflow 2015-03-19 2018-10-09
7.5
None Remote Low Not required Partial Partial Partial
Stack-based buffer overflow in collectoragent.exe in Fortinet Single Sign On (FSSO) before build 164 allows remote attackers to execute arbitrary code via a large PROCESS_HELLO message to the Message Dispatcher on TCP port 8000.
119 CVE-2015-1880 79 XSS 2015-05-12 2017-01-03
4.3
None Remote Medium Not required None Partial None
Cross-site scripting (XSS) vulnerability in the sslvpn login page in Fortinet FortiOS 5.2.x before 5.2.3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
120 CVE-2015-1571 310 2015-02-10 2015-07-22
4.3
None Remote Medium Not required None Partial None
** DISPUTED ** The CAPWAP DTLS protocol implementation in Fortinet FortiOS 5.0 Patch 7 build 4457 uses the same certificate and private key across different customers' installations, which makes it easier for man-in-the-middle attackers to spoof SSL servers by leveraging the Fortinet_Factory certificate and private key. NOTE: FG-IR-15-002 says "The Fortinet_Factory certificate is unique to each device ... An attacker cannot therefore stage a MitM attack."
121 CVE-2015-1570 310 2015-02-10 2015-02-11
4.3
None Remote Medium Not required None Partial None
The Endpoint Control protocol implementation in Fortinet FortiClient 5.2.3.091 for Android and 5.2.028 for iOS does not validate certificates, which makes it easier for man-in-the-middle attackers to spoof servers via a crafted certificate.
122 CVE-2015-1569 310 2015-02-10 2015-02-11
4.3
None Remote Medium Not required None Partial None
Fortinet FortiClient 5.2.028 for iOS does not validate certificates, which makes it easier for man-in-the-middle attackers to spoof SSL VPN servers via a crafted certificate.
123 CVE-2015-1459 79 XSS 2015-02-03 2017-09-07
4.3
None Remote Medium Not required None Partial None
Cross-site scripting (XSS) vulnerability in Fortinet FortiAuthenticator 3.0.0 allows remote attackers to inject arbitrary web script or HTML via the operation parameter to cert/scep/.
124 CVE-2015-1458 264 +Priv Bypass 2015-02-03 2017-09-07
6.9
None Local Medium Not required Complete Complete Complete
Fortinet FortiAuthenticator 3.0.0 allows local users to bypass intended restrictions and gain privileges by creating /tmp/privexec/dbgcore_enable_shell_access and executing the "shell" command.
125 CVE-2015-1457 200 +Info 2015-02-03 2017-09-07
4.9
None Local Low Not required Complete None None
Fortinet FortiAuthenticator 3.0.0 allows local users to read arbitrary files via the -f flag to the dig command.
126 CVE-2015-1456 200 +Info 2015-02-03 2015-02-19
4.0
None Remote Low Single system Partial None None
Fortinet FortiAuthenticator 3.0.0 logs the PostgreSQL usernames and passwords in cleartext, which allows remote administrators to obtain sensitive information by reading the log at debug/startup/.
127 CVE-2015-1455 255 2015-02-03 2015-02-19
7.5
None Remote Low Not required Partial Partial Partial
Fortinet FortiAuthenticator 3.0.0 has a password of (1) slony for the slony PostgreSQL user and (2) www-data for the www-data PostgreSQL user, which makes it easier for remote attackers to obtain access via unspecified vectors.
128 CVE-2015-1453 310 2015-02-02 2015-11-30
5.0
None Remote Low Not required Partial None None
The qm class in Fortinet FortiClient 5.2.3.091 for Android uses a hardcoded encryption key of FoRtInEt!AnDrOiD, which makes it easier for attackers to obtain passwords and possibly other sensitive data by leveraging the key to decrypt data in the Shared Preferences.
129 CVE-2015-1452 17 DoS 2015-02-02 2015-02-19
7.8
None Remote Low Not required None None Complete
The Control and Provisioning of Wireless Access Points (CAPWAP) daemon in Fortinet FortiOS 5.0 Patch 7 build 4457 allows remote attackers to cause a denial of service (locked CAPWAP Access Controller) via a large number of ClientHello DTLS messages.
130 CVE-2015-1451 79 XSS 2015-02-02 2015-02-19
3.5
None Remote Medium Single system None Partial None
Multiple cross-site scripting (XSS) vulnerabilities in Fortinet FortiOS 5.0 Patch 7 build 4457 allow remote authenticated users to inject arbitrary web script or HTML via the (1) WTP Name or (2) WTP Active Software Version field in a CAPWAP Join request.
131 CVE-2014-8619 79 XSS 2015-05-12 2017-01-02
4.3
None Remote Medium Not required None Partial None
Cross-site scripting (XSS) vulnerability in the autolearn configuration page in Fortinet FortiWeb 5.1.2 through 5.3.4 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
132 CVE-2014-8618 79 XSS 2015-05-12 2017-01-02
4.3
None Remote Medium Not required None Partial None
Cross-site scripting (XSS) vulnerability in the theme login page in Fortinet FortiADC D models before 4.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
133 CVE-2014-8617 79 XSS 2015-03-04 2015-11-19
4.3
None Remote Medium Not required None Partial None
Cross-site scripting (XSS) vulnerability in the Web Action Quarantine Release feature in the WebGUI in Fortinet FortiMail before 4.3.9, 5.0.x before 5.0.8, 5.1.x before 5.1.5, and 5.2.x before 5.2.3 allows remote attackers to inject arbitrary web script or HTML via the release parameter to module/releasecontrol.
134 CVE-2014-8616 79 XSS 2015-05-12 2017-01-02
4.3
None Remote Medium Not required None Partial None
Multiple cross-site scripting (XSS) vulnerabilities in Fortinet FortiOS 5.2.x before 5.2.3 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors to the (1) user group or (2) vpn template menus.
135 CVE-2014-8582 2014-11-01 2017-09-07
6.4
None Remote Low Not required Partial Partial None
FortiNet FortiADC-E with firmware 3.1.1 before 4.0.5 and Coyote Point Equalizer with firmware 10.2.0a allows remote attackers to obtain access to arbitrary subnets via unspecified vectors.
136 CVE-2014-4738 79 XSS 2014-07-11 2017-08-28
4.3
None Remote Medium Not required None Partial None
Multiple cross-site scripting (XSS) vulnerabilities in FortiGuard FortiWeb 5.0.x, 5.1.x, and 5.2.x before 5.2.1 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors to (1) user/ldap_user/check_dlg or (2) user/radius_user/check_dlg.
137 CVE-2014-3115 352 CSRF 2014-05-08 2015-07-31
6.8
None Remote Medium Not required Partial Partial Partial
Multiple cross-site request forgery (CSRF) vulnerabilities in the web administration console in Fortinet FortiWeb before 5.2.0 allow remote attackers to hijack the authentication of administrators via system/config/adminadd and other unspecified vectors.
138 CVE-2014-2336 79 XSS 2014-10-31 2017-08-28
4.3
None Remote Medium Not required None Partial None
Multiple cross-site scripting (XSS) vulnerabilities in the Web User Interface in Fortinet FortiManager before 5.0.7 and FortiAnalyzer before 5.0.7 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2014-2334 and CVE-2014-2335.
139 CVE-2014-2335 79 XSS 2014-10-31 2017-08-28
4.3
None Remote Medium Not required None Partial None
Multiple cross-site scripting (XSS) vulnerabilities in the Web User Interface in Fortinet FortiManager before 5.0.7 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2014-2336.
140 CVE-2014-2334 79 XSS 2014-10-31 2017-08-28
4.3
None Remote Medium Not required None Partial None
Multiple cross-site scripting (XSS) vulnerabilities in the Web User Interface in Fortinet FortiAnalyzer before 5.0.7 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2014-2336.
141 CVE-2014-2216 DoS Exec Code 2014-08-25 2017-08-28
7.5
None Remote Low Not required Partial Partial Partial
The FortiManager protocol service in Fortinet FortiOS before 4.3.16 and 5.0.0 before 5.0.8 on FortiGate devices allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted request.
142 CVE-2014-1957 264 +Priv 2014-04-30 2014-07-18
6.5
User Remote Low Single system Partial Partial Partial
FortiGuard FortiWeb before 5.0.3 allows remote authenticated users to gain privileges via unspecified vectors.
143 CVE-2014-1956 Http R.Spl. 2014-04-30 2014-07-18
5.0
None Remote Low Not required None Partial None
CRLF injection vulnerability in FortiGuard FortiWeb before 5.0.3 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via unspecified vectors.
144 CVE-2014-1955 79 XSS 2014-04-30 2014-07-18
4.3
None Remote Medium Not required None Partial None
Cross-site scripting (XSS) vulnerability in FortiGuard FortiWeb before 5.0.3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
145 CVE-2014-1458 79 XSS 2014-02-04 2017-08-28
3.5
None Remote Medium Single system None Partial None
Cross-site scripting (XSS) vulnerability in the web administration interface in FortiGuard FortiWeb 5.0.3 and earlier allows remote authenticated administrators to inject arbitrary web script or HTML via unspecified vectors.
146 CVE-2014-0351 310 +Info 2014-09-10 2017-08-28
5.4
None Local Network Medium Not required Partial Partial Partial
The FortiManager protocol service in Fortinet FortiOS before 4.3.16 and 5.x before 5.0.8 on FortiGate devices does not prevent use of anonymous ciphersuites, which makes it easier for man-in-the-middle attackers to obtain sensitive information or interfere with communications by modifying the client-server data stream.
147 CVE-2014-0331 79 XSS 2014-04-10 2017-12-15
4.3
None Remote Medium Not required None Partial None
Cross-site scripting (XSS) vulnerability in the web administration interface in FortiADC with firmware before 3.2.1 allows remote attackers to inject arbitrary web script or HTML via the locale parameter to gui_partA/.
148 CVE-2013-7182 79 XSS 2014-02-04 2014-02-11
4.3
None Remote Medium Not required None Partial None
Cross-site scripting (XSS) vulnerability in firewall/schedule/recurrdlg in Fortinet FortiOS 5.0.5 allows remote attackers to inject arbitrary web script or HTML via the mkey parameter.
149 CVE-2013-7181 79 XSS 2014-02-04 2015-07-27
4.3
None Remote Medium Not required None Partial None
Cross-site scripting (XSS) vulnerability in user/ldap_user/add in Fortinet FortiOS 5.0.3 allows remote attackers to inject arbitrary web script or HTML via the filter parameter.
150 CVE-2013-6990 264 +Priv 2014-04-30 2017-08-28
9.0
Admin Remote Low Single system Complete Complete Complete
FortiGuard FortiAuthenticator before 3.0 allows remote administrators to gain privileges via the command line interface.
Total number of vulnerabilities : 187   Page : 1 2 3 (This Page)4
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.