fortinet

1,136 tracked vulnerabilities.

CVE-2017-17544 HIGH
Fortinet FortiOS <5.4.0, 5.6.0-5.6.10, 6.0.0-6.0.6 Privilege Escalation via Config Restore
Apr 09, 2019
CVSS 7.2
EPSS 0.02
CVE-2017-7342 CRITICAL
FortiPortal <= 4.0.0 - Unauthenticated Remote Code Execution via Weak Password Recovery Process
Mar 25, 2019
CVSS 9.8
EPSS 0.01
CVE-2017-7340 MEDIUM
Fortinet FortiPortal < 4.0.0 - Cross-Site Scripting via FortiView applicationSearch Parameter
Mar 25, 2019
CVSS 6.1
EPSS 0.01
CVE-2017-17541 MEDIUM
FortiAnalyzer and FortiManager < 5.6.4 - Stored Cross-Site Scripting via CA and CRL Certificate Import
Jul 16, 2018
CVSS 6.1
EPSS 0.01
CVE-2017-14185 MEDIUM
FortiOS 5.2.0-5.2.12, 5.4.0-5.4.8, 5.6.0-5.6.2 - Information Disclosure via SSL-VPN Web Portal
May 25, 2018
CVSS 5.3
EPSS 0.01
CVE-2017-14187 MEDIUM
Fortinet FortiOS <5.6.3 - Privilege Escalation
May 24, 2018
CVSS 6.2
EPSS 0.00
CVE-2017-17540 CRITICAL
Fortinet FortiWLC 7.0-7.0.10 - Use of Hard-coded Credentials
May 08, 2018
CVSS 9.8
EPSS 0.02
CVE-2017-17539 CRITICAL
FortiWLC < 7.0.11 - Unauthenticated Remote Shell Access via Hardcoded Account
May 08, 2018
CVSS 9.8
EPSS 0.02
CVE-2017-17543 HIGH
FortiClient < 5.6.0 and FortiClient SSLVPN Client < 4.4.2335 - Inadequate Encryption Strength
Apr 26, 2018
CVSS 7.5
EPSS 0.00
CVE-2017-14191 MEDIUM
Fortinet FortiWeb <6.1.0 - Auth Bypass
Mar 20, 2018
CVSS 5.9
EPSS 0.01
CVE-2017-14190 MEDIUM
FortiOS < 5.2.0 - Cross-Site Scripting via Host Header
Jan 29, 2018
CVSS 6.1
EPSS 0.01
CVE-2017-14184 HIGH
Fortinet FortiClient <5.6.0 - Info Disclosure
Dec 15, 2017
CVSS 8.8
EPSS 0.02
CVE-2017-7344 HIGH
Fortinet FortiClient <5.4.3, <5.6.0 - Privilege Escalation
Dec 14, 2017
CVSS 8.1
EPSS 0.02
CVE-2017-7738 HIGH
Fortinet FortiOS <5.6.3 - Info Disclosure
Dec 13, 2017
CVSS 7.2
EPSS 0.01
CVE-2017-14189 CRITICAL
Fortinet FortiWebManager 5.8.0 - Info Disclosure
Nov 29, 2017
CVSS 9.8
EPSS 0.03
CVE-2017-14186 MEDIUM NUCLEI
FortiGate FortiOS SSL VPN Web Portal - Cross-Site Scripting
Nov 29, 2017
CVSS 5.4
EPSS 0.04
CVE-2017-7736 MEDIUM
Fortinet FortiWeb <5.8.0-5.7.1 - XSS
Nov 22, 2017
CVSS 5.4
EPSS 0.00
CVE-2017-7739 MEDIUM
FortiOS 5.2.0-5.2.11, 5.4.0-5.4.5, 5.6.0 - Unauthenticated Reflected Cross-Site Scripting via Web Proxy Disclaimer Page
Nov 13, 2017
CVSS 6.1
EPSS 0.01
CVE-2017-7733 MEDIUM
Fortinet FortiOS <5.4.5, 5.6.0 - XSS
Oct 27, 2017
CVSS 6.1
EPSS 0.01
CVE-2017-14182 MEDIUM
FortiOS 5.4.0-5.4.5 - Authenticated Denial of Service via JSON API Params Parameter
Oct 27, 2017
CVSS 6.5
EPSS 0.02
CVE-2017-7732 MEDIUM
Fortinet FortiMail <5.1-<5.3.9 - XSS
Oct 26, 2017
CVSS 6.1
EPSS 0.02
CVE-2017-7341 HIGH
Fortinet FortiWLC - Command Injection
Oct 26, 2017
CVSS 7.2
EPSS 0.04
CVE-2017-7335 MEDIUM
Fortinet FortiWLC Authenticated XSS via Refresh/Branchtotable Parameters
Oct 26, 2017
CVSS 5.4
EPSS 0.01
CVE-2017-7735 MEDIUM
Fortinet FortiOS <5.2.11, <5.4.4 - XSS
Sep 12, 2017
CVSS 5.4
EPSS 0.01
CVE-2017-7734 MEDIUM
Fortinet FortiOS 5.4.0-5.4.4 - Stored Cross-Site Scripting via Config Revisions Comments
Sep 12, 2017
CVSS 5.4
EPSS 0.01