The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.

Computer vulnerabilities of FortiGate Virtual Appliance

FortiGate: information disclosure via Events Log Entries
An attacker can bypass access restrictions to data via Events Log Entries of FortiGate, in order to obtain sensitive information...
CERTFR-2021-AVI-003, CVE-2020-29010, FG-IR-20-103, VIGILANCE-VUL-34247
FortiOS: information disclosure via diag sys ha checksum show
An attacker can bypass access restrictions to data via diag sys ha checksum show of FortiOS, in order to obtain sensitive information...
CERTFR-2020-AVI-684, CVE-2020-6648, FG-IR-20-009, VIGILANCE-VUL-33699
Fortinet Fortigate: Man-in-the-Middle via Valid SSL-VPN Certificate
An attacker can act as a Man-in-the-Middle via Valid SSL-VPN Certificate on Fortinet Fortigate, in order to read or write data in the session...
VIGILANCE-VUL-33426
FortiOS: Cross Site Scripting via SSLVPN Portal
An attacker can trigger a Cross Site Scripting via SSLVPN Portal of FortiOS, in order to run JavaScript code in the context of the web site...
CERTFR-2020-AVI-576, CVE-2019-15706, VIGILANCE-VUL-33353
FortiOS: privilege escalation via SSL VPN 2FA Username Case
An attacker can bypass restrictions via SSL VPN 2FA Username Case of FortiOS, in order to escalate his privileges...
CERTFR-2020-AVI-441, CVE-2020-12812, FG-IR-19-283, VIGILANCE-VUL-32837
FortiAnalyzer/FortiManager: information disclosure via Hard-coded Cryptographic Key
An attacker can bypass access restrictions to data via Hard-coded Cryptographic Key of FortiAnalyzer/FortiManager, in order to obtain sensitive information...
CVE-2020-9289, FG-IR-19-007, VIGILANCE-VUL-32531
FortiOS: open redirect via Admin WebUI Initial Password Change
An attacker can deceive the user via Admin WebUI Initial Password Change of FortiOS, in order to redirect him to a malicious site...
CERTFR-2020-AVI-097, CVE-2019-6696, FG-IR-19-179, VIGILANCE-VUL-31633
FortiOS, FortiAnalyzer, FortiManager: denial of service via Slow HTTP
An attacker can trigger a fatal error via Slow HTTP of FortiOS, FortiAnalyzer, FortiManager, in order to trigger a denial of service...
CERTFR-2020-AVI-068, CVE-2019-17657, FG-IR-19-013, VIGILANCE-VUL-31506
Fortigate SSL VPN: privilege escalation via Credential Plaintext Storage
An attacker can bypass restrictions via Credential Plaintext Storage of Fortigate SSL VPN, in order to escalate his privileges...
CERTFR-2020-AVI-058, CVE-2019-17655, FG-IR-19-217, VIGILANCE-VUL-31441
FortiOS: denial of service via SSL VPN Portal POST Request
An attacker can trigger a fatal error via SSL VPN Portal POST Request of FortiOS, in order to trigger a denial of service...
CVE-2019-15705, FG-IR-19-236, VIGILANCE-VUL-31019
Our database contains other pages. You can request a free trial to read them.

Display information about FortiGate Virtual Appliance: