| | | |
| | |
 | Loading… |
|
| oval:ru.altx-soft.fortios:def:1 | 1 | FortiGate is installed | inventory |
| oval:com.altx-soft.fortios:def:17 | 1 | CSRF vulnerability in SSL-VPN portal in FortiOS (CVE-2021-26103) | vulnerability |
| oval:com.altx-soft.fortios:def:18 | 3 | Buffer overflow in TFTP client library of CLI in FortiOS (CVE-2021-42757) | vulnerability |
| oval:com.altx-soft.fortios:def:19 | 1 | Path traversal vulnerability in FortiOS 7.x before 7.0.2 (CVE-2021-41024) | vulnerability |
| oval:com.altx-soft.fortios:def:20 | 1 | Hardcoded SSLVPN cookie encryption key in FortiOS (CVE-2021-26108) | vulnerability |
| oval:com.altx-soft.fortios:def:21 | 1 | Heap-based Buffer Overflow in firmware signature verification in FortiOS (CVE-2021-36173) | vulnerability |
| oval:com.altx-soft.fortios:def:22 | 3 | Integer overflow in SSLVPN allocator in FortiOS (CVE-2021-26109) | vulnerability |
| oval:com.altx-soft.fortios:def:23 | 1 | Integer overflow in SSLVPN allocator in FortiOS (CVE-2021-44168) | vulnerability |
| oval:com.altx-soft.fortios:def:24 | 1 | Privilege escalation vulnerability using the automation script feature in FortiOS and FortiProxy (CVE-2021-26110) | vulnerability |
| oval:com.altx-soft.fortios:def:25 | 1 | Missing certificate CN/SAN validation leads to information disclosure in FortiOS (CVE-2021-41019) | vulnerability |
| oval:com.altx-soft.fortios:def:26 | 3 | Disclosure of other VDOMs information through CLI commands in FortiOS (CVE-2021-32600) | vulnerability |
| oval:com.altx-soft.fortios:def:27 | 1 | Host header injection vulnerability in FortiOS (CVE-2019-16151) | vulnerability |
| oval:com.altx-soft.fortios:def:28 | 1 | Debug commands allow memory manipulation in FortiOS (CVE-2021-36169) | vulnerability |
| oval:com.altx-soft.fortios:def:29 | 1 | SSL VPN user credential plaintext storage in FortiOS (CVE-2019-17655) | vulnerability |
| oval:com.altx-soft.fortios:def:30 | 3 | Buffer Underwrite in firmware verification in FortiOS (CVE-2021-24018) | vulnerability |
| oval:com.altx-soft.fortios:def:31 | 1 | FortiGate SSL VPN portal is vulnerable to an XSS (CVE-2021-26092) | vulnerability |
| oval:com.altx-soft.fortios:def:32 | 1 | Improper verification of the user certificate's chain of trust in FortiGate when connecting to SSL-VPN (CVE-2021-24012) | vulnerability |
| oval:com.altx-soft.fortios:def:33 | 2 | Read-only admins can obtain the LDAP credentials configured in the FortiGate and FortiADC using the LDAP test connectivity feature (CVE-2018-13374) | vulnerability |
| oval:com.altx-soft.fortios:def:34 | 2 | FortiGate fails to block malformed HTTP/S traffic when transparent proxy is enabled (CVE-2020-15938) | vulnerability |
| oval:com.altx-soft.fortios:def:35 | 2 | FortiGate SSL VPN logs may display events of users in a different VDOM (CVE-2020-29010) | vulnerability |
| oval:com.altx-soft.fortios:def:36 | 2 | XSS vulnerability observed in Log and Report section of FortiGate (CVE-2020-15937) | vulnerability |
| oval:com.altx-soft.fortios:def:37 | 5 | Potential sensitive information can be displayed in cleartext in FortiOS CLI window (CVE-2020-6648) | vulnerability |
| oval:com.altx-soft.fortios:def:38 | 2 | FortiOS HTTPD is vulnerable to a Stack-based Buffer Overflow vulnerability (CVE-2019-17656) | vulnerability |
| oval:com.altx-soft.fortios:def:39 | 2 | FortiOS is potentially vulnerable to a Heap buffer overflow (CVE-2020-12819) | vulnerability |
| oval:com.altx-soft.fortios:def:40 | 2 | Stack-based buffer overflow in SSL VPN daemon in FortiOS (CVE-2020-12820) | vulnerability |
| oval:com.altx-soft.fortios:def:41 | 2 | SSL VPN 2FA bypass by changing username case in FortiOS (CVE-2020-12812) | vulnerability |
| oval:com.altx-soft.fortios:def:42 | 2 | Use of a hard-coded cryptographic key to cipher sensitive data in CLI configuration in FortiOS (CVE-2019-6693) | vulnerability |
| oval:com.altx-soft.fortios:def:43 | 2 | FortiOS reveals platform information without authentication (CVE-2018-13367) | vulnerability |
| oval:com.altx-soft.fortios:def:44 | 5 | Blind Reset Attack Using the RST/SYN Bit in FortiOS (CVE-2004-0230) | vulnerability |
| oval:com.altx-soft.fortios:def:45 | 1 | FortiOS URL redirection attack via the admin password change page (CVE-2019-6696) | vulnerability |
| oval:com.altx-soft.fortios:def:46 | 1 | FortiOS DRBG insufficient entropy (CVE-2019-15703) | vulnerability |
| oval:com.altx-soft.fortios:def:47 | 2 | FortiOS slow HTTP DoS attacks (CVE-2019-17657) | vulnerability |
| oval:com.altx-soft.fortios:def:48 | 1 | FortiOS SSL VPN web portal Host Header Redirection (CVE-2018-13384) | vulnerability |
| oval:com.altx-soft.fortios:def:49 | 2 | Hardcoded cryptographic key in the FortiGuard services communication protocol (CVE-2018-9195) | vulnerability |
| oval:com.altx-soft.fortios:def:50 | 1 | FortiOS multiple pre-auth XSS vulnerabilities on SSL VPN (CVE-2018-13380) | vulnerability |
| oval:com.altx-soft.fortios:def:51 | 1 | SSL VPN buffer overrun when parsing javascript href content in FortiOS (CVE-2018-13383) | vulnerability |
| oval:com.altx-soft.fortios:def:52 | 1 | XSS vulnerability in FortiGate DHCP monitor page (CVE-2019-6697) | vulnerability |
| oval:com.altx-soft.fortios:def:53 | 1 | FortiOS admin privilege escalation via restoring configs (CVE-2017-17544) | vulnerability |
| oval:com.altx-soft.fortios:def:54 | 2 | FortiOS local certificate private key improper protection in admin CLI console (CVE-2019-5593) | vulnerability |
| oval:com.altx-soft.fortios:def:55 | 1 | Denial of Service vulnerability impacts the SSL VPN service of FortiOS (CVE-2019-15705) | vulnerability |