Known Vulnerabilities for Fortiweb by Fortinet
Listed below are 10 of the newest known vulnerabilities associated with "Fortiweb" by "Fortinet".
These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.
Data on known vulnerable versions is also displayed, based on information from known CPEs.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2022-22297 | An incomplete filtering of one or more instances of special elements vulnerability [CWE-792] in the command line interpreter ... | 5.5 - MEDIUM | 2023-03-07 | 2023-11-07 |
| CVE-2021-36187 | An uncontrolled resource consumption in Fortinet FortiWeb version 6.4.0, version 6.3.15 and below, 6.2.5 and below allows atta... | 7.5 - HIGH | 2021-11-02 | 2021-11-04 |
| CVE-2021-36186 | A stack-based buffer overflow in Fortinet FortiWeb version 6.4.0, version 6.3.15 and below, 6.2.5 and below allows attacker t... | 9.8 - CRITICAL | 2021-11-02 | 2021-11-04 |
| CVE-2021-36182 | An improper neutralization of special elements used in a command ('Command Injection') in Fortinet FortiWeb version 6.3.13 and... | 8.8 - HIGH | 2021-09-08 | 2021-09-14 |
| CVE-2021-36180 | Multiple improper neutralization of special elements used in a command vulnerabilities [CWE-77] in FortiWeb management interf... | 8.8 - HIGH | 2021-12-08 | 2022-07-12 |
| CVE-2021-36179 | A stack-based buffer overflow in Fortinet FortiWeb version 6.3.14 and below, 6.2.4 and below allows attacker to execute unaut... | 8.8 - HIGH | 2021-09-08 | 2021-09-14 |
| CVE-2021-36175 | An improper neutralization of input vulnerability [CWE-79] in FortiWebManager versions 6.2.3 and below, 6.0.2 and below may a... | 5.4 - MEDIUM | 2021-10-06 | 2021-10-14 |
| CVE-2021-32591 | A missing cryptographic steps vulnerability in the function that encrypts users' LDAP and RADIUS credentials in FortiSandbox ... | 5.3 - MEDIUM | 2021-12-08 | 2023-08-08 |
| CVE-2021-22123 | An OS command injection vulnerability in FortiWeb's management interface 6.3.7 and below, 6.2.3 and below, 6.1.x, 6.0.x, 5.9.... | 8.8 - HIGH | 2021-06-01 | 2021-06-10 |
| CVE-2021-22122 | An improper neutralization of input during web page generation in FortiWeb GUI interface 6.3.0 through 6.3.7 and version befo... | 6.1 - MEDIUM | 2021-02-08 | 2021-02-10 |
Known Affected Configurations (CPE V2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Fortinet | Fortiweb | 6.3.7 | All | All | All |
| Application | Fortinet | Fortiweb | 6.3.5 | All | All | All |
| Application | Fortinet | Fortiweb | 6.3.0 | All | All | All |
| Application | Fortinet | Fortiweb | 6.2.4 | All | All | All |
| Application | Fortinet | Fortiweb | 6.2.3 | All | All | All |
| Application | Fortinet | Fortiweb | 6.2.2 | All | All | All |
| Application | Fortinet | Fortiweb | 6.2.1 | All | All | All |
| Application | Fortinet | Fortiweb | 6.2.0 | All | All | All |
| Application | Fortinet | Fortiweb | 6.1.1 | All | All | All |
| Application | Fortinet | Fortiweb | 6.1.0 | All | All | All |
| Application | Fortinet | Fortiweb | 6.0.7 | All | All | All |
| Application | Fortinet | Fortiweb | 6.0.6 | All | All | All |
| Application | Fortinet | Fortiweb | 6.0.5 | All | All | All |
| Application | Fortinet | Fortiweb | 6.0.4 | All | All | All |
| Application | Fortinet | Fortiweb | 6.0.3 | All | All | All |
| Application | Fortinet | Fortiweb | 6.0.2 | All | All | All |
| Application | Fortinet | Fortiweb | 6.0.1 | All | All | All |
| Application | Fortinet | Fortiweb | 6.0.0 | All | All | All |
| Application | Fortinet | Fortiweb | 5.9.1 | All | All | All |
| Application | Fortinet | Fortiweb | 5.9.0 | All | All | All |