Search Results (Refine Search)

Search Parameters:
  • Results Type: Overview
  • Keyword (text search): FortiOS
  • Search Type: Search Last 3 Years
  • Match: Exact
There are 32 matching records.
Displaying matches 21 through 32.
Vuln ID Summary CVSS Severity
CVE-2018-13380

A Cross-site Scripting (XSS) vulnerability in Fortinet FortiOS 6.0.0 to 6.0.4, 5.6.0 to 5.6.7, 5.4.0 to 5.4.12, 5.2 and below and Fortinet FortiProxy 2.0.0, 1.2.8 and below under SSL VPN web portal allows attacker to execute unauthorized malicious script code via the error or message handling parameters.

Published: June 04, 2019; 5:29:00 PM -0400
V3.1: 6.1 MEDIUM
V2.0: 4.3 MEDIUM
CVE-2018-13379

An Improper Limitation of a Pathname to a Restricted Directory ("Path Traversal") in Fortinet FortiOS 6.0.0 to 6.0.4, 5.6.3 to 5.6.7 and 5.4.6 to 5.4.12 and FortiProxy 2.0.0, 1.2.0 to 1.2.8, 1.1.0 to 1.1.6, 1.0.0 to 1.0.7 under SSL VPN web portal allows an unauthenticated attacker to download system files via special crafted HTTP resource requests.

Published: June 04, 2019; 5:29:00 PM -0400
V3.1: 9.8 CRITICAL
V2.0: 5.0 MEDIUM
CVE-2018-13365

An Information Exposure vulnerability in Fortinet FortiOS 6.0.1, 5.6.5 and below, allow attackers to learn private IP as well as the hostname of FortiGate via Application Control Block page.

Published: May 29, 2019; 5:29:00 PM -0400
V3.0: 5.3 MEDIUM
V2.0: 5.0 MEDIUM
CVE-2018-13383

A heap buffer overflow in Fortinet FortiOS 6.0.0 through 6.0.4, 5.6.0 through 5.6.10, 5.4.0 through 5.4.12, 5.2.14 and earlier and FortiProxy 2.0.0, 1.2.8 and earlier in the SSL VPN web portal may cause the SSL VPN web service termination for logged in users due to a failure to properly handle javascript href data when proxying webpages.

Published: May 29, 2019; 2:29:00 PM -0400
V3.1: 6.5 MEDIUM
V2.0: 4.3 MEDIUM
CVE-2018-13366

An information disclosure vulnerability in Fortinet FortiOS 6.0.1, 5.6.7 and below allows attacker to reveals serial number of FortiGate via hostname field defined in connection control setup packets of PPTP protocol.

Published: April 09, 2019; 1:29:00 PM -0400
V3.0: 5.3 MEDIUM
V2.0: 5.0 MEDIUM
CVE-2017-17544

A privilege escalation vulnerability in Fortinet FortiOS 6.0.0 to 6.0.6, 5.6.0 to 5.6.10, 5.4 and below allows admin users to elevate their profile to super_admin via restoring modified configurations.

Published: April 09, 2019; 12:29:00 PM -0400
V3.1: 7.2 HIGH
V2.0: 9.0 HIGH
CVE-2018-1352

A format string vulnerability in Fortinet FortiOS 5.6.0 allows attacker to execute unauthorized code or commands via the SSH username variable.

Published: February 08, 2019; 1:29:00 PM -0500
V3.0: 9.8 CRITICAL
V2.0: 7.5 HIGH
CVE-2018-13374

A Improper Access Control in Fortinet FortiOS 6.0.2, 5.6.7 and before, FortiADC 6.1.0, 6.0.0 to 6.0.1, 5.4.0 to 5.4.4 allows attacker to obtain the LDAP server login credentials configured in FortiGate via pointing a LDAP server connectivity test request to a rogue LDAP server instead of the configured one.

Published: January 22, 2019; 9:29:00 AM -0500
V3.0: 8.8 HIGH
V2.0: 4.0 MEDIUM
CVE-2018-13376

An uninitialized memory buffer leak exists in Fortinet FortiOS 5.6.1 to 5.6.3, 5.4.6 to 5.4.7, 5.2 all versions under web proxy's disclaimer response web pages, potentially causing sensitive data to be displayed in the HTTP response.

Published: November 27, 2018; 10:29:00 AM -0500
V3.0: 7.5 HIGH
V2.0: 5.0 MEDIUM
CVE-2018-9194

A plaintext recovery of encrypted messages or a Man-in-the-middle (MiTM) attack on RSA PKCS #1 v1.5 encryption may be possible without knowledge of the server's private key. Fortinet FortiOS 5.4.6 to 5.4.9, 6.0.0 and 6.0.1 are vulnerable by such attack under VIP SSL feature when CPx being used.

Published: September 05, 2018; 9:29:00 AM -0400
V3.0: 5.9 MEDIUM
V2.0: 4.3 MEDIUM
CVE-2018-9192

A plaintext recovery of encrypted messages or a Man-in-the-middle (MiTM) attack on RSA PKCS #1 v1.5 encryption may be possible without knowledge of the server's private key. Fortinet FortiOS 5.4.6 to 5.4.9, 6.0.0 and 6.0.1 are vulnerable by such attack under SSL Deep Inspection feature when CPx being used.

Published: September 05, 2018; 9:29:00 AM -0400
V3.0: 5.9 MEDIUM
V2.0: 4.3 MEDIUM
CVE-2018-9185

An information disclosure vulnerability in Fortinet FortiOS 6.0.0 and below versions reveals user's web portal login credentials in a Javascript file sent to client-side when pages bookmarked in web portal use the Single Sign-On feature.

Published: July 05, 2018; 9:29:00 AM -0400
V3.0: 8.1 HIGH
V2.0: 4.3 MEDIUM