The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a database and tools to fix them.

Computer vulnerabilities of Fortinet FortiGate Virtual Appliance

FortiOS: information disclosure via Replacement Messages
An attacker can bypass access restrictions to data via Replacement Messages of FortiOS, in order to obtain sensitive information...
CERTFR-2018-AVI-407, CVE-2018-13365, FG-IR-18-085, VIGILANCE-VUL-27079
IPsec IKEv1 Main Mode: information disclosure via Brute Force
An attacker can bypass access restrictions to data via Brute Force of IKEv1 Main Mode, in order to obtain sensitive information...
CVE-2018-5389, FG-IR-18-214, K42378447, Synology-SA-18:46, VIGILANCE-VUL-27022, VU#857035
FortiOS: privilege escalation via SSL-VPN SSO Bookmarked Pages
An attacker can bypass restrictions via SSL-VPN SSO Bookmarked Pages of FortiOS, in order to escalate his privileges...
CERTFR-2018-AVI-303, CVE-2018-9185, FG-IR-18-027, VIGILANCE-VUL-26528
FortiOS: privilege escalation via USB Storage Device
An attacker can bypass restrictions via USB Storage Device of FortiOS, in order to escalate his privileges...
CERTFR-2018-AVI-246, CVE-2017-14187, FG-IR-17-245, VIGILANCE-VUL-26195
FortiOS: information disclosure via Crafted URLs
An attacker can bypass access restrictions to data via Crafted URLs of FortiOS, in order to obtain sensitive information...
CERTFR-2018-AVI-246, CVE-2017-14185, FG-IR-17-231, VIGILANCE-VUL-26194
FortiOS: privilege escalation via SSL Deep-Inspection
An attacker can bypass restrictions via SSL Deep-Inspection of FortiOS, in order to escalate his privileges...
CERTFR-2018-AVI-239, CVE-2005-4900, FG-IR-17-160, TA17-075A, VIGILANCE-VUL-26157
FortiOS: information disclosure via fnsysctl
An attacker can bypass access restrictions to data via fnsysctl of FortiOS, in order to obtain sensitive information...
CERTFR-2017-AVI-459, CVE-2017-7738, FG-IR-17-172, VIGILANCE-VUL-24729
FortiOS: Cross Site Scripting via Web Proxy Disclaimer
An attacker can trigger a Cross Site Scripting via Web Proxy Disclaimer of FortiOS, in order to run JavaScript code in the context of the web site...
CERTFR-2017-AVI-392, CVE-2017-7739, FG-IR-17-168, VIGILANCE-VUL-24351
FortiOS: Cross Site Scripting via Login Disclaimer
An attacker can trigger a Cross Site Scripting via Login Disclaimer of FortiOS, in order to run JavaScript code in the context of the web site...
CVE-2017-7733, FG-IR-17-113, VIGILANCE-VUL-24233
FortiOS: denial of service via "params" Parameter
An attacker can generate a fatal error via "params" Parameter of FortiOS, in order to trigger a denial of service...
CVE-2017-14182, FG-IR-17-206, VIGILANCE-VUL-24232
Our database contains other pages. You can request a free trial to read them.

Display information about Fortinet FortiGate Virtual Appliance: