Shodan
Vulnerabilities
Vulnerable Software
Fortinet:  Security Vulnerabilities
CVE-2014-2216
The FortiManager protocol service in Fortinet FortiOS before 4.3.16 and 5.0.0 before 5.0.8 on FortiGate devices allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted request.
CVSS Score
7.5
EPSS Score
0.058
Published
2014-08-25
CVE-2014-4738
Multiple cross-site scripting (XSS) vulnerabilities in FortiGuard FortiWeb 5.0.x, 5.1.x, and 5.2.x before 5.2.1 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors to (1) user/ldap_user/check_dlg or (2) user/radius_user/check_dlg.
CVSS Score
4.3
EPSS Score
0.003
Published
2014-07-11
CVE-2014-3115
Multiple cross-site request forgery (CSRF) vulnerabilities in the web administration console in Fortinet FortiWeb before 5.2.0 allow remote attackers to hijack the authentication of administrators via system/config/adminadd and other unspecified vectors.
CVSS Score
6.8
EPSS Score
0.001
Published
2014-05-08
CVE-2014-1955
Cross-site scripting (XSS) vulnerability in FortiGuard FortiWeb before 5.0.3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVSS Score
4.3
EPSS Score
0.003
Published
2014-04-30
CVE-2014-1956
CRLF injection vulnerability in FortiGuard FortiWeb before 5.0.3 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via unspecified vectors.
CVSS Score
5.0
EPSS Score
0.002
Published
2014-04-30
CVE-2014-1957
FortiGuard FortiWeb before 5.0.3 allows remote authenticated users to gain privileges via unspecified vectors.
CVSS Score
6.5
EPSS Score
0.004
Published
2014-04-30
CVE-2013-6990
FortiGuard FortiAuthenticator before 3.0 allows remote administrators to gain privileges via the command line interface.
CVSS Score
9.0
EPSS Score
0.003
Published
2014-04-30
CVE-2014-0331
Cross-site scripting (XSS) vulnerability in the web administration interface in FortiADC with firmware before 3.2.1 allows remote attackers to inject arbitrary web script or HTML via the locale parameter to gui_partA/.
CVSS Score
4.3
EPSS Score
0.004
Published
2014-04-10
CVE-2014-1458
Cross-site scripting (XSS) vulnerability in the web administration interface in FortiGuard FortiWeb 5.0.3 and earlier allows remote authenticated administrators to inject arbitrary web script or HTML via unspecified vectors.
CVSS Score
3.5
EPSS Score
0.002
Published
2014-02-04
CVE-2013-7181
Cross-site scripting (XSS) vulnerability in user/ldap_user/add in Fortinet FortiOS 5.0.3 allows remote attackers to inject arbitrary web script or HTML via the filter parameter.
CVSS Score
4.3
EPSS Score
0.008
Published
2014-02-04


Products
Pricing
Contact Us

Shodan ® - All rights reserved