The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.

Computer vulnerabilities of Fortinet FortiOS

Fortinet FortiGate: IP flow hifing
An attacker can hide his atctivity, using an IP address owed by Fortinet FortiGate...
CERTFR-2020-AVI-595, CVE-2020-12818, FG-IR-20-033, VIGILANCE-VUL-33404
FortiOS: privilege escalation via SSL VPN 2FA Username Case
An attacker can bypass restrictions via SSL VPN 2FA Username Case of FortiOS, in order to escalate his privileges...
CERTFR-2020-AVI-441, CVE-2020-12812, FG-IR-19-283, VIGILANCE-VUL-32837
FortiAnalyzer/FortiManager: information disclosure via Hard-coded Cryptographic Key
An attacker can bypass access restrictions to data via Hard-coded Cryptographic Key of FortiAnalyzer/FortiManager, in order to obtain sensitive information...
CVE-2020-9289, FG-IR-19-007, VIGILANCE-VUL-32531
FortiOS: open redirect via Admin WebUI Initial Password Change
An attacker can deceive the user via Admin WebUI Initial Password Change of FortiOS, in order to redirect him to a malicious site...
CERTFR-2020-AVI-097, CVE-2019-6696, FG-IR-19-179, VIGILANCE-VUL-31633
FortiOS, FortiAnalyzer, FortiManager: denial of service via Slow HTTP
An attacker can trigger a fatal error via Slow HTTP of FortiOS, FortiAnalyzer, FortiManager, in order to trigger a denial of service...
CERTFR-2020-AVI-068, CVE-2019-17657, FG-IR-19-013, VIGILANCE-VUL-31506
Fortigate SSL VPN: privilege escalation via Credential Plaintext Storage
An attacker can bypass restrictions via Credential Plaintext Storage of Fortigate SSL VPN, in order to escalate his privileges...
CERTFR-2020-AVI-058, CVE-2019-17655, FG-IR-19-217, VIGILANCE-VUL-31441
FortiOS: denial of service via SSL VPN Portal POST Request
An attacker can trigger a fatal error via SSL VPN Portal POST Request of FortiOS, in order to trigger a denial of service...
CVE-2019-15705, FG-IR-19-236, VIGILANCE-VUL-31019
FortiGate: Cross Site Scripting via DHCP Monitor Page
An attacker can trigger a Cross Site Scripting via DHCP Monitor Page of FortiGate, in order to run JavaScript code in the context of the web site...
CERTFR-2019-AVI-589, CVE-2019-6697, VIGILANCE-VUL-30963
FortiOS: Man-in-the-Middle via FortiGuard Services Communication Hard-coded Cryptographic Key
An attacker can act as a Man-in-the-Middle via FortiGuard Services Communication Hard-coded Cryptographic Key on FortiOS, in order to read or write data in the session...
CERTFR-2019-AVI-581, CVE-2018-9195, FG-IR-18-100, SA-20191125-0, VIGILANCE-VUL-30916
FortiOS: information disclosure via Backup Hard-coded Cryptographic Key
An attacker can bypass access restrictions to data via Backup Hard-coded Cryptographic Key of FortiOS, in order to obtain sensitive information...
CERTFR-2019-AVI-584, CVE-2019-6693, FG-IR-19-007, VIGILANCE-VUL-30915
Our database contains other pages. You can request a free trial to read them.

Display information about Fortinet FortiOS: