NotCVE - vendor:"Fortinet" product:"Fortios" version:" >= 6.0.0 <= 6.0.16"

Page 10 of 94 results (0.005 seconds)

CVSS: 4.3EPSS: 4%CPEs: 6EXPL: 2

CVE-2018-13374 – Fortinet FortiOS and FortiADC Improper Access Control Vulnerability

https://notcve.org/view.php?id=CVE-2018-13374

16 Jan 2019 — A Improper Access Control in Fortinet FortiOS 6.0.2, 5.6.7 and before, FortiADC 6.1.0, 6.0.0 to 6.0.1, 5.4.0 to 5.4.4 allows attacker to obtain the LDAP server login credentials configured in FortiGate via pointing a LDAP server connectivity test request to a rogue LDAP server instead of the configured one. Un control de acceso inadecuado en Fortinet FortiOS 6.0.2, 5.6.7 y anteriores, FortiADC 6.1.0, 6.0.0 a 6.0.1, 5.4.0 a 5.4.4 permite a un atacante obtener las credenciales de inicio de sesión del servidor... • https://packetstorm.news/files/id/151205 • CWE-732: Incorrect Permission Assignment for Critical Resource •

CVSS: 5.9EPSS: 0%CPEs: 3EXPL: 0

CVE-2018-9192

https://notcve.org/view.php?id=CVE-2018-9192

05 Sep 2018 — A plaintext recovery of encrypted messages or a Man-in-the-middle (MiTM) attack on RSA PKCS #1 v1.5 encryption may be possible without knowledge of the server's private key. Fortinet FortiOS 5.4.6 to 5.4.9, 6.0.0 and 6.0.1 are vulnerable by such attack under SSL Deep Inspection feature when CPx being used. Podría ser posible recuperar en texto plano mensajes cifrados o realizar un ataque Man-in-the-Middle (MitM) en el cifrado RSA PKCS #1 v1.5 sin conocer la clave privada del servidor. Fortinet FortiOS, de l... • https://fortiguard.com/advisory/FG-IR-17-302 • CWE-203: Observable Discrepancy •

CVSS: 5.9EPSS: 0%CPEs: 3EXPL: 0

CVE-2018-9194

https://notcve.org/view.php?id=CVE-2018-9194

05 Sep 2018 — A plaintext recovery of encrypted messages or a Man-in-the-middle (MiTM) attack on RSA PKCS #1 v1.5 encryption may be possible without knowledge of the server's private key. Fortinet FortiOS 5.4.6 to 5.4.9, 6.0.0 and 6.0.1 are vulnerable by such attack under VIP SSL feature when CPx being used. Podría ser posible recuperar en texto plano mensajes cifrados o realizar un ataque Man-in-the-Middle (MitM) en el cifrado RSA PKCS #1 v1.5 sin conocer la clave privada del servidor. Fortinet FortiOS, de la versión 5.... • https://fortiguard.com/advisory/FG-IR-17-302 • CWE-203: Observable Discrepancy •

CVSS: 8.1EPSS: 1%CPEs: 1EXPL: 0

CVE-2018-9185

https://notcve.org/view.php?id=CVE-2018-9185

05 Jul 2018 — An information disclosure vulnerability in Fortinet FortiOS 6.0.0 and below versions reveals user's web portal login credentials in a Javascript file sent to client-side when pages bookmarked in web portal use the Single Sign-On feature. Una vulnerabilidad de divulgación de información en Fortinet FortiOS en versiones 6.0.0 y anteriores revela las credenciales de inicio de sesión del usuario al portal web en un archivo JavaScript enviado al lado del cliente cuando las páginas guardadas en el portal web empl... • http://www.securityfocus.com/bid/104535 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

1...8 9 10