fortinet
1,122 tracked vulnerabilities.
CVE-2023-29180
HIGH
Fortinet FortiOS <7.2.4-6.0.16 - DoS
Feb 22, 2024
CVSS 7.5
EPSS 0.00
CVE-2023-29179
MEDIUM
FortiOS 6.4.0-6.4.12, 7.0.0-7.0.11, 7.2.0-7.2.4 & FortiProxy 7.0.0-7.0.10, 7.2.0-7.2.4 DoS via HTTP Requests
Feb 22, 2024
CVSS 6.5
EPSS 0.01
CVE-2023-42791
HIGH
Fortinet FortiManager Path Traversal via Crafted HTTP Requests
Feb 20, 2024
CVSS 8.8
EPSS 0.11
CVE-2023-47537
MEDIUM
FortiOS 7.0.0-7.0.15, 7.2.0-7.2.6, 7.4.0-7.4.1 - Unauthenticated Man-in-the-Middle via FortiLink Certificate Validation
Feb 15, 2024
CVSS 4.8
EPSS 0.00
CVE-2023-45581
HIGH
FortiClientEMS 7.2.0-7.2.2 and < 7.0.10 - Authenticated Privilege Escalation via HTTP Requests
Feb 15, 2024
CVSS 8.8
EPSS 0.00
CVE-2023-44253
MEDIUM
FortiAnalyzer 7.4.0-7.4.1 and < 7.2.5 - Unauthorized Information Exposure via ADOM Enumeration
Feb 15, 2024
CVSS 5.0
EPSS 0.00
CVE-2023-26206
MEDIUM
Fortinet FortiNAC <9.4.2-<9.2.8-<9.1.10 - XSS
Feb 15, 2024
CVSS 6.8
EPSS 0.00
CVE-2023-48783
MEDIUM
PortiPortal <7.2.1-<6.0.14-<5.3.8 - Auth Bypass
Jan 10, 2024
CVSS 5.4
EPSS 0.00
CVE-2023-46712
HIGH
Fortinet FortiPortal <7.0.6, <7.2.1 - Privilege Escalation
Jan 10, 2024
CVSS 7.2
EPSS 0.00
CVE-2023-44250
HIGH
FortiProxy 7.4.0-7.4.1 and 7.2.5 - Authenticated Privilege Escalation via HTTP/HTTPS Requests
Jan 10, 2024
CVSS 8.8
EPSS 0.00
CVE-2023-37934
MEDIUM
FortiPAM 1.0 - Authenticated Denial of Service via High-Frequency HTTP/HTTPS Requests
Jan 10, 2024
CVSS 4.3
EPSS 0.00
CVE-2023-37932
MEDIUM
FortiVoice 7.0.0 and < 6.4.7 - Authenticated Path Traversal via HTTP/HTTPS Requests
Jan 10, 2024
CVSS 6.5
EPSS 0.00
CVE-2023-44252
HIGH
FortiWAN 5.1.1-5.1.2 5.2.0-5.2.1 - Authenticated Privilege Escalation via Crafted JWT Token
Dec 13, 2023
CVSS 8.8
EPSS 0.00
CVE-2023-44251
HIGH
FortiWAN 5.1.1-5.1.2 and 5.2.0-5.2.1 - Authenticated Path Traversal and Arbitrary File Deletion
Dec 13, 2023
CVSS 8.3
EPSS 0.01
CVE-2023-47536
LOW
FortiOS/FortiProxy Unauthenticated Firewall Policy Bypass via GeoIP Update Timing
Dec 13, 2023
CVSS 3.1
EPSS 0.00
CVE-2023-48791
HIGH
FortiPortal <7.0.6 - Command Injection
Dec 13, 2023
CVSS 8.8
EPSS 0.02
CVE-2023-48782
HIGH
Fortinet FortiWLM <8.6.5 - Command Injection
Dec 13, 2023
CVSS 8.8
EPSS 0.04
CVE-2023-46713
MEDIUM
Fortinet FortiWeb <7.4.0 - Info Disclosure
Dec 13, 2023
CVSS 5.3
EPSS 0.00
CVE-2023-45587
LOW
Fortinet FortiSandbox 3.1-4.4.2 - Cross-Site Scripting via Crafted HTTP Requests
Dec 13, 2023
CVSS 3.5
EPSS 0.00
CVE-2023-41844
LOW
FortiSandbox 3.0.4-4.4.2 - Cross-Site Scripting via Capture Traffic Endpoint
Dec 13, 2023
CVSS 3.5
EPSS 0.00
CVE-2023-41678
HIGH
Fortinet FortiOS <7.0.6 - Use After Free
Dec 13, 2023
CVSS 8.8
EPSS 0.00
CVE-2023-41673
HIGH
Fortinet FortiADC <7.2.2 - Info Disclosure
Dec 13, 2023
CVSS 7.1
EPSS 0.00
CVE-2023-40716
MEDIUM
FortiTester <7.2.3 - Command Injection
Dec 13, 2023
CVSS 6.7
EPSS 0.00
CVE-2023-36639
HIGH
Fortinet FortiProxy 7.0.0-7.0.10 and 7.2.0-7.2.4 - Use of Externally-Controlled Format String via API Requests
Dec 13, 2023
CVSS 7.2
EPSS 0.00
CVE-2023-40719
MEDIUM
Fortinet FortiAnalyzer and FortiManager 7.0.0-7.0.8, 7.2.0-7.2.3, 7.4.0 - Use of Hard-coded Credentials
Nov 14, 2023
CVSS 4.1
EPSS 0.00
Products
fortios 267
fortiweb 124
fortiproxy 117
fortimanager 112
fortianalyzer 92
forticlient 85
fortisandbox 58
fortimail 46
fortiportal 44
fortiadc 43
fortisoar 31
fortinac 30
fortisiem 29
fortimanager_cloud 27
fortipam 25
fortivoice 24
fortiauthenticator 23
fortiwlm 23
fortiswitchmanager 19
fortinet_antivirus 18
fortianalyzer_cloud 17
fortitester 16
fortiwan 16
fortimanager_firmware 15
fortiswitch 14
fortiwlc 14
FortiOS 13
fortianalyzer_big_data 13
forticlientems 13
fortianalyzer_firmware 12
Quick Filters