The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.

Computer vulnerabilities of FortiOS

FortiOS, FortiAnalyzer, FortiManager: denial of service via Slow HTTP
An attacker can trigger a fatal error via Slow HTTP of FortiOS, FortiAnalyzer, FortiManager, in order to trigger a denial of service...
CERTFR-2020-AVI-068, CVE-2019-17657, FG-IR-19-013, VIGILANCE-VUL-31506
Fortigate SSL VPN: privilege escalation via Credential Plaintext Storage
An attacker can bypass restrictions via Credential Plaintext Storage of Fortigate SSL VPN, in order to escalate his privileges...
CERTFR-2020-AVI-058, CVE-2019-17655, FG-IR-19-217, VIGILANCE-VUL-31441
FortiOS: denial of service via SSL VPN Portal POST Request
An attacker can trigger a fatal error via SSL VPN Portal POST Request of FortiOS, in order to trigger a denial of service...
CVE-2019-15705, FG-IR-19-236, VIGILANCE-VUL-31019
FortiGate: Cross Site Scripting via DHCP Monitor Page
An attacker can trigger a Cross Site Scripting via DHCP Monitor Page of FortiGate, in order to run JavaScript code in the context of the web site...
CERTFR-2019-AVI-589, CVE-2019-6697, VIGILANCE-VUL-30963
FortiOS: Man-in-the-Middle via FortiGuard Services Communication Hard-coded Cryptographic Key
An attacker can act as a Man-in-the-Middle via FortiGuard Services Communication Hard-coded Cryptographic Key on FortiOS, in order to read or write data in the session...
CERTFR-2019-AVI-581, CVE-2018-9195, FG-IR-18-100, SA-20191125-0, VIGILANCE-VUL-30916
FortiOS: information disclosure via Backup Hard-coded Cryptographic Key
An attacker can bypass access restrictions to data via Backup Hard-coded Cryptographic Key of FortiOS, in order to obtain sensitive information...
CERTFR-2019-AVI-584, CVE-2019-6693, FG-IR-19-007, VIGILANCE-VUL-30915
FortiOS: denial of service via SSL VPN Portal POST Request
An attacker can trigger a fatal error via SSL VPN Portal POST Request of FortiOS, in order to trigger a denial of service...
FG-IR-19-236, VIGILANCE-VUL-30914
FortiOS: information disclosure via Private Keys
An attacker can bypass access restrictions to data via Private Keys of FortiOS, in order to obtain sensitive information...
CERTFR-2019-AVI-573, CVE-2019-5593, FG-IR-19-134, VIGILANCE-VUL-30889
FortiOS: information disclosure via DRBG Unsufficient Entropy
An attacker can bypass access restrictions to data via DRBG Unsufficient Entropy of FortiOS, in order to obtain sensitive information...
CERTFR-2019-AVI-523, CVE-2019-15703, FG-IR-19-186, VIGILANCE-VUL-30682
FortiOS: Cross Site Scripting via SSL VPN Portal
An attacker can trigger a Cross Site Scripting via SSL VPN Portal of FortiOS, in order to run JavaScript code in the context of the web site...
CERTFR-2019-AVI-239, CVE-2018-13380, FG-IR-18-383, VIGILANCE-VUL-30135
Our database contains other pages. You can request a free trial to read them.

Display information about FortiOS: