Known Vulnerabilities for Fortisandbox by Fortinet
Listed below are 10 of the newest known vulnerabilities associated with "Fortisandbox" by "Fortinet".
These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.
Data on known vulnerable versions is also displayed based on information from known CPEs
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2022-22305 | An improper certificate validation vulnerability [CWE-295] in FortiManager 7.0.1 and below, 6.4.6 and below; FortiAnalyzer 7... | 4.2 - MEDIUM | 2023-09-01 | 2023-11-07 |
| CVE-2021-32591 | A missing cryptographic steps vulnerability in the function that encrypts users' LDAP and RADIUS credentials in FortiSandbox ... | 5.3 - MEDIUM | 2021-12-08 | 2023-08-08 |
| CVE-2021-26098 | An instance of small space of random values in the RPC API of FortiSandbox before 4.0.0 may allow an attacker in possession o... | 7.5 - HIGH | 2021-08-04 | 2021-08-11 |
| CVE-2021-26097 | An improper neutralization of special elements used in an OS Command vulnerability in FortiSandbox 3.2.0 through 3.2.2, 3.1.0... | 8.8 - HIGH | 2021-08-04 | 2021-08-10 |
| CVE-2021-26096 | Multiple instances of heap-based buffer overflow in the command shell of FortiSandbox before 4.0.0 may allow an authenticated... | 8.8 - HIGH | 2021-08-04 | 2021-08-11 |
| CVE-2021-24014 | Multiple instances of improper neutralization of input during web page generation vulnerabilities in FortiSandbox before 4.0.... | 6.1 - MEDIUM | 2021-08-04 | 2021-08-11 |
| CVE-2021-24010 | Improper limitation of a pathname to a restricted directory vulnerabilities in FortiSandbox 3.2.0 through 3.2.2, and 3.1.0 th... | 6.5 - MEDIUM | 2021-08-04 | 2021-08-11 |
| CVE-2021-22125 | An instance of improper neutralization of special elements in the sniffer module of FortiSandbox before 3.2.2 may allow an au... | 7.2 - HIGH | 2021-07-20 | 2022-05-03 |
| CVE-2021-22124 | An uncontrolled resource consumption (denial of service) vulnerability in the login modules of FortiSandbox 3.2.0 through 3.2... | 7.5 - HIGH | 2021-08-04 | 2021-08-12 |
| CVE-2020-15939 | An improper access control vulnerability (CWE-284) in FortiSandbox versions 3.2.1 and below and 3.1.4 and below may allow an ... | 4.3 - MEDIUM | 2021-09-06 | 2022-07-12 |
Known Affected Configurations (CPE V2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Fortinet | Fortisandbox | 3.0.4 | All | All | All |
| Application | Fortinet | Fortisandbox | 3.0.3 | All | All | All |
| Application | Fortinet | Fortisandbox | 3.0.2 | All | All | All |
| Application | Fortinet | Fortisandbox | 3.0.1 | All | All | All |
| Application | Fortinet | Fortisandbox | 3.0.0 | All | All | All |
| Application | Fortinet | Fortisandbox | 2.5.2 | All | All | All |
| Application | Fortinet | Fortisandbox | 2.5.1 | All | All | All |
| Application | Fortinet | Fortisandbox | 2.5.0 | All | All | All |
| Application | Fortinet | Fortisandbox | 2.4.1 | All | All | All |
| Application | Fortinet | Fortisandbox | 2.4.0 | All | All | All |
| Application | Fortinet | Fortisandbox | 2.3.3 | All | All | All |
| Application | Fortinet | Fortisandbox | 2.3.2 | All | All | All |
| Application | Fortinet | Fortisandbox | 2.3.0 | All | All | All |
| Application | Fortinet | Fortisandbox | 2.2.2 | All | All | All |
| Application | Fortinet | Fortisandbox | 2.2.1 | All | All | All |
| Application | Fortinet | Fortisandbox | 2.2.0 | All | All | All |
| Application | Fortinet | Fortisandbox | 2.1.3 | All | All | All |
| Application | Fortinet | Fortisandbox | 2.1.2 | All | All | All |
| Application | Fortinet | Fortisandbox | 2.1.1 | All | All | All |
| Application | Fortinet | Fortisandbox | 2.1.0 | All | All | All |