The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.

Computer vulnerabilities of FortiManager Virtual Appliance

FortiAnalyzer, FortiManager: privilege escalation via SSH Port Forwarding
An attacker can bypass restrictions via SSH Port Forwarding of FortiAnalyzer / FortiManager, in order to escalate his privileges...
CERTFR-2020-AVI-395, CVE-2004-1653, FG-IR-19-292, VIGILANCE-VUL-32649
FortiAnalyzer/FortiManager: information disclosure via Hard-coded Cryptographic Key
An attacker can bypass access restrictions to data via Hard-coded Cryptographic Key of FortiAnalyzer/FortiManager, in order to obtain sensitive information...
CVE-2020-9289, FG-IR-19-007, VIGILANCE-VUL-32531
FortiManager: information disclosure via Cross-Site WebSocket Hijacking
An attacker can bypass access restrictions to data via Cross-Site WebSocket Hijacking of FortiManager, in order to obtain sensitive information...
CERTFR-2020-AVI-093, CVE-2019-17654, FG-IR-19-191, VIGILANCE-VUL-31602
FortiOS: information disclosure via Backup Hard-coded Cryptographic Key
An attacker can bypass access restrictions to data via Backup Hard-coded Cryptographic Key of FortiOS, in order to obtain sensitive information...
CERTFR-2019-AVI-584, CVE-2019-6693, FG-IR-19-007, VIGILANCE-VUL-30915
Fortinet FortiOS, FortiManager: Man-in-the-Middle via Improper Certificate Revocation
An attacker can act as a Man-in-the-Middle via Improper Certificate Revocation on Fortinet FortiOS, FortiManager, in order to read or write data in the session...
CERTFR-2019-AVI-351, FG-IR-19-144, VIGILANCE-VUL-29850
FortiOS/FortiManager VM: privilege escalation via Image File System Integrity
An attacker can bypass restrictions via Image File System Integrity of FortiOS/FortiManager VM, in order to escalate his privileges...
CERTFR-2019-AVI-358, CVE-2019-5587, CVE-2019-6695, FG-IR-19-017, VIGILANCE-VUL-29468
FortiManager: information disclosure via REST API JSON Responses
An attacker can bypass access restrictions to data via REST API JSON Responses of FortiManager, in order to obtain sensitive information...
CERTFR-2019-AVI-185, CVE-2018-1360, FG-IR-18-051, VIGILANCE-VUL-29117
PostgreSQL: code execution via COPY TO/FROM PROGRAM
An attacker can use a vulnerability via COPY TO/FROM PROGRAM of PostgreSQL, in order to run code...
CERTFR-2020-AVI-395, CVE-2019-9193, FG-IR-19-294, VIGILANCE-VUL-28918
FortiManager: information disclosure via Vdoms Settings
An attacker can bypass access restrictions to data via Vdoms Settings of FortiManager, in order to obtain sensitive information...
CERTFR-2018-AVI-411, CVE-2018-1353, FG-IR-18-016, VIGILANCE-VUL-27097
FortiAnalyzer, FortiManager: Cross Site Scripting via CA And CRL Certificate View Page
An attacker can trigger a Cross Site Scripting via CA And CRL Certificate View Page of FortiAnalyzer/FortiManager, in order to run JavaScript code in the context of the web site...
CERTFR-2018-AVI-326, CVE-2017-17541, FG-IR-17-305, VIGILANCE-VUL-26643
Our database contains other pages. You can request a free trial to read them.

Display information about FortiManager Virtual Appliance: