Fortinet: >> Fortios >> 6.4.0 Security Vulnerabilities
An insufficient logging vulnerability in FortiGate before 6.4.1 may allow the traffic from an unauthenticated attacker to Fortinet owned IP addresses to go unnoticed.
CVSS Score
5.3
EPSS Score
0.003
Published
2020-09-24
CVE-2020-12812
An improper authentication vulnerability in SSL VPN in FortiOS 6.4.0, 6.2.0 to 6.2.3, 6.0.9 and below may result in a user being able to log in successfully without being prompted for the second factor of authentication (FortiToken) if they changed the case of their username.
Known exploited
CVSS Score
9.8
EPSS Score
0.454
Published
2020-07-24
Page 13