) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.
Search Results (Refine Search)
- CPE Product Version: cpe:/o:fortinet:fortiadc_firmware:3.2.0
| Vuln ID | Summary | CVSS Severity |
|---|---|---|
| CVE-2020-9286 |
An improper authorization vulnerability in FortiADC may allow a remote authenticated user with low privileges to perform certain actions such as rebooting the system. Published: April 07, 2020; 3:15:13 PM -0400 |
V3.1: 6.5 MEDIUM V2.0: 6.8 MEDIUM |
| CVE-2020-6647 |
An improper neutralization of input vulnerability in the dashboard of FortiADC may allow an authenticated attacker to perform a cross site scripting attack (XSS) via the name parameter. Published: April 07, 2020; 3:15:13 PM -0400 |
V3.1: 5.4 MEDIUM V2.0: 3.5 LOW |
| CVE-2014-8618 |
Cross-site scripting (XSS) vulnerability in the theme login page in Fortinet FortiADC D models before 4.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Published: May 12, 2015; 3:59:01 PM -0400 |
V3.x:(not available) V2.0: 4.3 MEDIUM |
| CVE-2014-8582 |
FortiNet FortiADC-E with firmware 3.1.1 before 4.0.5 and Coyote Point Equalizer with firmware 10.2.0a allows remote attackers to obtain access to arbitrary subnets via unspecified vectors. Published: November 01, 2014; 7:55:09 PM -0400 |
V3.x:(not available) V2.0: 6.4 MEDIUM |
| CVE-2014-0331 |
Cross-site scripting (XSS) vulnerability in the web administration interface in FortiADC with firmware before 3.2.1 allows remote attackers to inject arbitrary web script or HTML via the locale parameter to gui_partA/. Published: April 10, 2014; 4:29:20 PM -0400 |
V3.x:(not available) V2.0: 4.3 MEDIUM |