FortiGuard Labs | FortiGuard Center - IR Advisories

Cookie security policy bypass

https://fortiguard.fortinet.com/psirt/FG-IR-22-256

Publish Date: Tue, 10 Sep 2024 00:00:00 -0700


FortiGuard Labs | FortiGuard Center - IR Advisories

FortiClient - Lack of client-side certificate validation in ZTNA service

https://fortiguard.fortinet.com/psirt/FG-IR-22-282

Publish Date: Tue, 10 Sep 2024 00:00:00 -0700


FortiGuard Labs | FortiGuard Center - IR Advisories

FortiClient(All) - Lack of client-side certificate validation using SAML SSO

https://fortiguard.fortinet.com/psirt/FG-IR-22-230

Publish Date: Tue, 10 Sep 2024 00:00:00 -0700


FortiGuard Labs | FortiGuard Center - IR Advisories

IDOR on download logs feature

https://fortiguard.fortinet.com/psirt/FG-IR-23-204

Publish Date: Tue, 10 Sep 2024 00:00:00 -0700


FortiGuard Labs | FortiGuard Center - IR Advisories

Improper Neutralization of Special Elements used in a Command in DAS component

https://fortiguard.fortinet.com/psirt/FG-IR-24-123

Publish Date: Tue, 10 Sep 2024 00:00:00 -0700


FortiGuard Labs | FortiGuard Center - IR Advisories

Inadequate user validation and no brute force protection on change password requests

https://fortiguard.fortinet.com/psirt/FG-IR-24-048

Publish Date: Tue, 10 Sep 2024 00:00:00 -0700


FortiGuard Labs | FortiGuard Center - IR Advisories

Multiple path traversal in administrative interface

https://fortiguard.fortinet.com/psirt/FG-IR-23-362

Publish Date: Tue, 10 Sep 2024 00:00:00 -0700


FortiGuard Labs | FortiGuard Center - IR Advisories

Sensitive files disclosure in diagnostic logs download

https://fortiguard.fortinet.com/psirt/FG-IR-24-051

Publish Date: Tue, 10 Sep 2024 00:00:00 -0700


FortiGuard Labs | FortiGuard Center - IR Advisories

Unencrypted keychain permanent password

https://fortiguard.fortinet.com/psirt/FG-IR-24-139

Publish Date: Tue, 10 Sep 2024 00:00:00 -0700


FortiGuard Labs | FortiGuard Center - IR Advisories

access to backend information and logs via RestAPI on shared environments

https://fortiguard.fortinet.com/psirt/FG-IR-24-371

Publish Date: Tue, 10 Sep 2024 00:00:00 -0700


FortiGuard Labs | FortiGuard Center - IR Advisories

GUI Console WebSockets do not terminate on logout

https://fortiguard.fortinet.com/psirt/FG-IR-22-445

Publish Date: Tue, 13 Aug 2024 00:00:00 -0700


FortiGuard Labs | FortiGuard Center - IR Advisories

OS command injections in execute CLI commands

https://fortiguard.fortinet.com/psirt/FG-IR-22-047

Publish Date: Tue, 13 Aug 2024 00:00:00 -0700


FortiGuard Labs | FortiGuard Center - IR Advisories

Priviledged admin able to modify super-admins password

https://fortiguard.fortinet.com/psirt/FG-IR-23-467

Publish Date: Tue, 13 Aug 2024 00:00:00 -0700


FortiGuard Labs | FortiGuard Center - IR Advisories

RADIUS Protocol CVE-2024-3596

https://fortiguard.fortinet.com/psirt/FG-IR-24-255

Publish Date: Tue, 13 Aug 2024 00:00:00 -0700


FortiGuard Labs | FortiGuard Center - IR Advisories

Real-time file system integrity checking write protection bypass

https://fortiguard.fortinet.com/psirt/FG-IR-24-012

Publish Date: Tue, 13 Aug 2024 00:00:00 -0700


FortiGuard Labs | FortiGuard Center - IR Advisories

XSS vulnerability in communications triggered in playbooks

https://fortiguard.fortinet.com/psirt/FG-IR-23-088

Publish Date: Tue, 13 Aug 2024 00:00:00 -0700


FortiGuard Labs | FortiGuard Center - IR Advisories

FortiMail - SMTP Smuggling

https://fortiguard.fortinet.com/psirt/FG-IR-24-009

Publish Date: Thu, 18 Jul 2024 15:09:20 -0700


FortiGuard Labs | FortiGuard Center - IR Advisories

Cross site scripting vulnerability in SSL VPN web UI

https://fortiguard.fortinet.com/psirt/FG-IR-23-485

Publish Date: Tue, 09 Jul 2024 00:00:00 -0700


FortiGuard Labs | FortiGuard Center - IR Advisories

FortiAIOps - CSV Injection in export device inventory feature

https://fortiguard.fortinet.com/psirt/FG-IR-24-073

Publish Date: Tue, 09 Jul 2024 00:00:00 -0700


FortiGuard Labs | FortiGuard Center - IR Advisories

FortiAIOps - Cross-site request forgery

https://fortiguard.fortinet.com/psirt/FG-IR-24-070

Publish Date: Tue, 09 Jul 2024 00:00:00 -0700