fortinet fortitester

16 known vulnerabilities across versions
Vulnerabilities are listed by affected version. Select any CVE for the full briefing and its intelligence graph.
CVE-2024-47569
>= 4.2.0 and < 7.4.3
An insertion of sensitive information into sent data vulnerability in Fortinet FortiMail 7.4.0 through 7.4.2, FortiMail 7.2.0 throu
4.3 MEDIUM
CVE-2022-23439
>= 3.7.0 and < 7.2.2
An externally controlled reference to a resource in another sphere vulnerability in Fortinet allows attacker to poison web caches
4.7 MEDIUM
CVE-2023-40716
all versions
An improper neutralization of special elements used in an OS command vulnerability [CWE-78] in the command line interpreter of F
6.7 MEDIUM
CVE-2023-40717
>= 2.3.0 and <= 7.2.3
A use of hard-coded credentials vulnerability [CWE-798] in FortiTester 2.3.0 through 7.2.3 may allow an attacker who managed to
5.3 MEDIUM
CVE-2023-40715
>= 2.3.0 and <= 7.2.3
A cleartext storage of sensitive information vulnerability [CWE-312] in FortiTester 2.3.0 through 7.2.3 may allow an attacker w
5.5 MEDIUM
CVE-2023-36642
>= 3.0.0 and <= 7.2.3
An improper neutralization of special elements used in an OS command vulnerability [CWE-78] in the management interface of FortiT
6.7 MEDIUM
CVE-2022-35845
>= 2.3.0 and <= 3.9.1
Multiple improper neutralization of special elements used in an OS Command ('OS Command Injection') vulnerabilities [CWE-78] in Fo
7.8 HIGH
CVE-2022-38372
>= 2.3.0 and <= 3.9.1
A hidden functionality vulnerability [CWE-1242] in FortiTester CLI 2.3.0 through 3.9.1, 4.0.0 through 4.2.0, 7.0.0 through 7.1.0 m
6.7 MEDIUM
CVE-2022-33870
all versions
An improper neutralization of special elements used in an OS command vulnerability [CWE-78] in the command line interpreter of For
7.8 HIGH
CVE-2022-33874
>= 2.3.0 and < 3.9.2
An improper neutralization of special elements used in an OS Command ('OS Command Injection') vulnerabilities [CWE-78] in SSH logi
9.8 CRITICAL
CVE-2022-33873
>= 2.3.0 and < 3.9.2
An improper neutralization of special elements used in an OS Command ('OS Command Injection') vulnerabilities [CWE-78] in Console
6.8 MEDIUM
CVE-2022-33872
>= 2.3.0 and < 3.9.2
An improper neutralization of special elements used in an OS Command ('OS Command Injection') vulnerabilities [CWE-78] in Telnet l
9.8 CRITICAL
CVE-2022-35846
>= 2.3.0 and < 3.9.2
An improper restriction of excessive authentication attempts vulnerability [CWE-307] in FortiTester Telnet port 2.3.0 through 3.9.
8.1 HIGH
CVE-2022-35844
>= 2.3.0 and < 3.9.2
An improper neutralization of special elements used in an OS command vulnerability [CWE-78] in the management interface of FortiTe
6.7 MEDIUM
CVE-2020-12815
<= 3.7.0
An improper neutralization of input vulnerability in FortiTester before 3.9.0 may allow a remote authenticated attacker to inject
5.4 MEDIUM
CVE-2020-12817
<= 3.7.0
An improper neutralization of input vulnerability in FortiAnalyzer before 6.4.1 and 6.2.5 may allow a remote authenticated attacke
8.8 HIGH
threatengine.sh  ·  Open-source threat intelligence platform  ·  100+ authoritative sources  ·  Every fact traces to its origin