Known Vulnerabilities for Fortios by Fortinet
Listed below are 10 of the newest known vulnerabilities associated with "Fortios" by "Fortinet".
These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.
Data on known vulnerable versions is also displayed based on information from known CPEs
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2022-23442 | An improper access control vulnerability [CWE-284] in FortiOS versions 6.2.0 through 6.2.11, 6.4.0 through 6.4.8 and 7.0.0 th... | 4.3 - MEDIUM | 2022-08-03 | 2023-08-08 |
| CVE-2022-23438 | An improper neutralization of input during web page generation ('Cross-site Scripting') [CWE-79] vulnerability in FortiOS ver... | 6.1 - MEDIUM | 2022-07-18 | 2022-07-25 |
| CVE-2022-22306 | An improper certificate validation vulnerability [CWE-295] in FortiOS 6.0.0 through 6.0.14, 6.2.0 through 6.2.10, 6.4.0 throu... | 5.3 - MEDIUM | 2022-05-24 | 2022-06-06 |
| CVE-2022-22305 | An improper certificate validation vulnerability [CWE-295] in FortiManager 7.0.1 and below, 6.4.6 and below; FortiAnalyzer 7... | 4.2 - MEDIUM | 2023-09-01 | 2023-11-07 |
| CVE-2022-22302 | A clear text storage of sensitive information (CWE-312) vulnerability in both FortiGate version 6.4.0 through 6.4.1, 6.2.0 th... | 3.3 - LOW | 2023-07-11 | 2023-11-07 |
| CVE-2022-22299 | A format string vulnerability [CWE-134] in the command line interpreter of FortiADC version 6.0.0 through 6.0.4, FortiADC ver... | 7.8 - HIGH | 2022-08-05 | 2022-08-11 |
| CVE-2021-26103 | An insufficient verification of data authenticity vulnerability (CWE-345) in the user interface of FortiProxy verison 2.0.3 a... | 8.8 - HIGH | 2021-12-08 | 2021-12-09 |
| CVE-2021-26092 | Failure to sanitize input in the SSL VPN web portal of FortiOS 5.2.10 through 5.2.15, 5.4.0 through 5.4.13, 5.6.0 through 5.6... | 6.1 - MEDIUM | 2022-02-24 | 2022-03-02 |
| CVE-2021-24018 | A buffer underwrite vulnerability in the firmware verification routine of FortiOS before 7.0.1 may allow an attacker located ... | 8.8 - HIGH | 2021-08-04 | 2023-08-08 |
| CVE-2021-24012 | An improper following of a certificate's chain of trust vulnerability in FortiGate versions 6.4.0 to 6.4.4 may allow an LDAP ... | 7.3 - HIGH | 2021-06-02 | 2021-06-14 |
Known Affected Configurations (CPE V2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Operating System | Fortinet | Fortios | 6.4.1 | All | All | All |
| Operating System | Fortinet | Fortios | 6.4.0 | All | All | All |
| Operating System | Fortinet | Fortios | 6.2.4 | All | All | All |
| Operating System | Fortinet | Fortios | 6.2.3 | All | All | All |
| Operating System | Fortinet | Fortios | 6.2.2 | All | All | All |
| Operating System | Fortinet | Fortios | 6.2.1 | All | All | All |
| Operating System | Fortinet | Fortios | 6.2.0 | All | All | All |
| Operating System | Fortinet | Fortios | 6.0.9 | All | All | All |
| Operating System | Fortinet | Fortios | 6.0.8 | All | All | All |
| Operating System | Fortinet | Fortios | 6.0.7 | All | All | All |
| Operating System | Fortinet | Fortios | 6.0.6 | All | All | All |
| Operating System | Fortinet | Fortios | 6.0.5 | All | All | All |
| Operating System | Fortinet | Fortios | 6.0.4 | All | All | All |
| Operating System | Fortinet | Fortios | 6.0.3 | All | All | All |
| Operating System | Fortinet | Fortios | 6.0.2 | All | All | All |
| Operating System | Fortinet | Fortios | 6.0.10 | All | All | All |
| Operating System | Fortinet | Fortios | 6.0.1 | All | All | All |
| Operating System | Fortinet | Fortios | 6.0.0 | All | All | All |
| Operating System | Fortinet | Fortios | 5.6.9 | All | All | All |
| Operating System | Fortinet | Fortios | 5.6.8 | All | All | All |