fortinet
1,136 tracked vulnerabilities.
CVE-2016-7560
CRITICAL
Fortinet FortiWLC - Use of Hard-coded Credentials in rsyncd Server
Oct 05, 2016
CVSS 9.8
EPSS 0.03
CVE-2016-4969
MEDIUM
FortiWan < 4.2.4 - Cross-Site Scripting via IP Parameter
Sep 21, 2016
CVSS 6.1
EPSS 0.02
CVE-2016-4968
MEDIUM
FortiWan < 4.2.5 - Authenticated Administrator Cookie Exposure via linkreport/tmp/admin_global
Sep 21, 2016
CVSS 6.5
EPSS 0.03
CVE-2016-4967
MEDIUM
FortiWan < 4.2.4 - Authenticated Sensitive Information Exposure via Configuration Backup or PCAP Download
Sep 21, 2016
CVSS 6.5
EPSS 0.03
CVE-2016-4966
MEDIUM
FortiWan < 4.2.4 - Authenticated Arbitrary File Download via UserName Parameter
Sep 21, 2016
CVSS 6.5
EPSS 0.02
CVE-2016-4965
HIGH
FortiWan < 4.2.5 - Authenticated Remote Code Execution via nslookup graph parameter
Sep 21, 2016
CVSS 8.8
EPSS 0.04
CVE-2016-4573
CRITICAL
Fortinet FortiSwitch - Unauthenticated Administrative Access via Empty Password Bypass
Sep 09, 2016
CVSS 9.8
EPSS 0.05
CVE-2016-6909
CRITICAL
FortiOS 4.1.0-4.1.10, 4.2.0-4.2.12, 4.3.0-4.3.8 & FortiSwitch <3.4.2 - RCE via Cookie Parser Buffer Overflow
Aug 24, 2016
CVSS 9.8
EPSS 0.50
CVE-2016-3195
MEDIUM
FortiManager and FortiAnalyzer 5.x < 5.0.12, 5.2.x < 5.2.6 - Cross-Site Scripting
Aug 19, 2016
CVSS 6.1
EPSS 0.01
CVE-2016-3194
MEDIUM
FortiManager and FortiAnalyzer 5.x - Cross-Site Scripting in Address Page
Aug 19, 2016
CVSS 6.1
EPSS 0.01
CVE-2016-3193
MEDIUM
FortiManager and FortiAnalyzer 5.x < 5.0.12, 5.2.x < 5.2.6, 5.4.x < 5.4.1 - Authenticated Stored Cross-Site Scripting
Aug 19, 2016
CVSS 5.4
EPSS 0.01
CVE-2016-3196
MEDIUM
FortiAnalyzer/FortiManager 5.x < 5.0.12/5.2.x < 5.2.6 Authenticated Stored XSS via Report Image
Aug 05, 2016
CVSS 5.4
EPSS 0.01
CVE-2016-5092
MEDIUM
FortiWeb < 5.5.3 - Authenticated Path Traversal via Autolearn Feature
Jul 13, 2016
CVSS 4.9
EPSS 0.02
CVE-2016-4066
HIGH
FortiWeb < 5.5.2 - Cross-Site Request Forgery via Password Change Request
Jul 13, 2016
CVSS 8.8
EPSS 0.01
CVE-2016-3978
MEDIUM
NUCLEI
FortiOS 5.0.x < 5.0.13, 5.2.x < 5.2.3, 5.4.x < 5.4.0 - Cross-Site Scripting via Login Redirect Parameter
Apr 08, 2016
CVSS 6.1
EPSS 0.07
CVE-2016-1909
CRITICAL
Fortinet <5.0.12 - Hardcoded Passphrase
Jan 15, 2016
CVSS 9.8
EPSS 0.71
CVE-2015-3613
CRITICAL
FortiManager <5.2.1 & <5.0.10 - Info Disclosure
Feb 04, 2020
CVSS 9.8
EPSS 0.02
CVE-2015-3612
MEDIUM
FortiManager < 5.0.10 - Cross-Site Scripting via FortiWeb Auto Update Service Page
Feb 04, 2020
CVSS 5.4
EPSS 0.01
CVE-2015-3611
HIGH
FortiManager <5.2.1 & <5.0.10 - Command Injection
Feb 04, 2020
CVSS 8.8
EPSS 0.06
CVE-2015-3617
HIGH
Fortinet FortiManager <5.0.11, <5.2.2 - Privilege Escalation
Aug 22, 2017
CVSS 7.8
EPSS 0.00
CVE-2015-3616
CRITICAL
Fortinet FortiManager <5.0.11, <5.2.2 - SQL Injection
Aug 11, 2017
CVSS 9.8
EPSS 0.02
CVE-2015-3615
MEDIUM
Fortinet FortiManager <5.0.11, <5.2.2 - XSS
Aug 11, 2017
CVSS 5.4
EPSS 0.01
CVE-2015-3614
HIGH
Fortinet FortiManager <5.0.11, <5.2.2 - Info Disclosure
Aug 11, 2017
CVSS 7.5
EPSS 0.02
CVE-2015-7363
MEDIUM
FortiManager and FortiAnalyzer 5.x < 5.0.12, 5.2.x < 5.2.3 - Stored Cross-Site Scripting in Report Filters
Oct 07, 2016
CVSS 5.4
EPSS 0.01
CVE-2015-7360
MEDIUM
FortiSandbox Firmware < 2.1 - Cross-Site Scripting via Multiple WebUI Parameters
May 26, 2016
CVSS 6.1
EPSS 0.02
Products
fortios 271
fortiweb 124
fortiproxy 121
fortimanager 112
fortianalyzer 92
forticlient 85
fortisandbox 59
FortiOS 47
fortimail 46
fortiportal 45
fortiadc 43
fortisoar 31
fortinac 30
fortisiem 30
FortiProxy 29
fortimanager_cloud 27
fortipam 26
fortivoice 24
fortiauthenticator 23
fortiwlm 23
fortiswitchmanager 19
fortinet_antivirus 18
fortianalyzer_cloud 17
FortiPAM 16
fortitester 16
fortiwan 16
fortimanager_firmware 15
fortiswitch 14
fortiwlc 14
fortianalyzer_big_data 13
Quick Filters