Fortinet: >> Fortisandbox >> 3.2.2 Security Vulnerabilities
Improper limitation of a pathname to a restricted directory vulnerabilities in FortiSandbox 3.2.0 through 3.2.2, and 3.1.0 through 3.1.4 may allow an authenticated user to obtain unauthorized access to files and data via specifially crafted web requests.
CVSS Score
8.1
EPSS Score
0.004
Published
2021-08-04
An instance of small space of random values in the RPC API of FortiSandbox before 4.0.0 may allow an attacker in possession of a few information pieces about the state of the device to possibly predict valid session IDs.
CVSS Score
5.3
EPSS Score
0.003
Published
2021-08-04
Page 4