The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.

Computer vulnerabilities of Fortinet FortiOS

FortiGate: information disclosure via Events Log Entries
An attacker can bypass access restrictions to data via Events Log Entries of FortiGate, in order to obtain sensitive information...
CERTFR-2021-AVI-003, CVE-2020-29010, FG-IR-20-103, VIGILANCE-VUL-34247
FortiOS: information disclosure via diag sys ha checksum show
An attacker can bypass access restrictions to data via diag sys ha checksum show of FortiOS, in order to obtain sensitive information...
CERTFR-2020-AVI-684, CVE-2020-6648, FG-IR-20-009, VIGILANCE-VUL-33699
Fortinet Fortigate: Man-in-the-Middle via Valid SSL-VPN Certificate
An attacker can act as a Man-in-the-Middle via Valid SSL-VPN Certificate on Fortinet Fortigate, in order to read or write data in the session...
VIGILANCE-VUL-33426
Fortinet FortiOS: buffer overflow via SSL VPN
An attacker can trigger a buffer overflow via SSL VPN of Fortinet FortiOS, in order to trigger a denial of service, and possibly to run code...
CERTFR-2020-AVI-606, CVE-2020-12820, FG-IR-20-083, VIGILANCE-VUL-33425
Fortinet FortiOS: buffer overflow via LCP
An attacker can trigger a buffer overflow via LCP of Fortinet FortiOS, in order to trigger a denial of service, and possibly to run code...
CERTFR-2020-AVI-606, CVE-2020-12819, FG-IR-20-082, VIGILANCE-VUL-33422
Fortinet FortiGate: IP flow hifing
An attacker can hide his atctivity, using an IP address owed by Fortinet FortiGate...
CERTFR-2020-AVI-595, CVE-2020-12818, FG-IR-20-033, VIGILANCE-VUL-33404
FortiOS: Cross Site Scripting via SSLVPN Portal
An attacker can trigger a Cross Site Scripting via SSLVPN Portal of FortiOS, in order to run JavaScript code in the context of the web site...
CERTFR-2020-AVI-576, CVE-2019-15706, VIGILANCE-VUL-33353
FortiOS: privilege escalation via SSL VPN 2FA Username Case
An attacker can bypass restrictions via SSL VPN 2FA Username Case of FortiOS, in order to escalate his privileges...
CERTFR-2020-AVI-441, CVE-2020-12812, FG-IR-19-283, VIGILANCE-VUL-32837
FortiAnalyzer/FortiManager: information disclosure via Hard-coded Cryptographic Key
An attacker can bypass access restrictions to data via Hard-coded Cryptographic Key of FortiAnalyzer/FortiManager, in order to obtain sensitive information...
CVE-2020-9289, FG-IR-19-007, VIGILANCE-VUL-32531
FortiOS: open redirect via Admin WebUI Initial Password Change
An attacker can deceive the user via Admin WebUI Initial Password Change of FortiOS, in order to redirect him to a malicious site...
CERTFR-2020-AVI-097, CVE-2019-6696, FG-IR-19-179, VIGILANCE-VUL-31633
Our database contains other pages. You can request a free trial to read them.

Display information about Fortinet FortiOS: