Fortinet Fortimanager Firmware — known CVE vulnerabilities
Every CVE whose affected-product data names Fortinet Fortimanager Firmware, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (15)
CVE-2015-3616 — CVSS 9.8 (critical): SQL injection vulnerability in Fortinet FortiManager 5.0.x before 5.0.11, 5.2.x before 5.2.2 allows remote attackers to execute arbitrary…
CVE-2015-3617 — CVSS 7.8 (high): Fortinet FortiManager 5.0 before 5.0.11 and 5.2 before 5.2.2 allow local users to gain privileges via crafted CLI commands.
CVE-2015-3614 — CVSS 7.5 (high): Fortinet FortiManager 5.0.x before 5.0.11, 5.2.x before 5.2.2 allows remote attackers to obtain arbitrary files via vectors involving…
CVE-2016-8495 — CVSS 7.4 (high): An improper certificate validation vulnerability in Fortinet FortiManager 5.0.6 through 5.2.7 and 5.4.0 through 5.4.1 allows remote…
CVE-2017-3126 — CVSS 6.1 (medium): An Open Redirect vulnerability in Fortinet FortiAnalyzer 5.4.0 through 5.4.2 and FortiManager 5.4.0 through 5.4.2 allows attacker to…
CVE-2016-3194 — CVSS 6.1 (medium): Cross-site scripting (XSS) vulnerability in the address added page in Fortinet FortiManager 5.x before 5.0.12 and 5.2.x before 5.2.6 and…
CVE-2016-3195 — CVSS 6.1 (medium): Cross-site scripting (XSS) vulnerability in the Web-UI in Fortinet FortiManager 5.x before 5.0.12 and 5.2.x before 5.2.6 and FortiAnalyzer…
CVE-2017-17541 — CVSS 6.1 (medium): A Cross-site Scripting (XSS) vulnerability in Fortinet FortiManager 6.0.0, 5.6.4 and below versions, FortiAnalyzer 6.0.0, 5.6.4 and below…
CVE-2016-3196 — CVSS 5.4 (medium): Cross-site scripting (XSS) vulnerability in Fortinet FortiAnalyzer 5.x before 5.0.12 and 5.2.x before 5.2.6 and FortiManager 5.x before…
CVE-2015-3615 — CVSS 5.4 (medium): Cross-site scripting (XSS) vulnerability in Fortinet FortiManager 5.0.x before 5.0.11, 5.2.x before 5.2.2 allows remote authenticated users…
CVE-2016-3193 — CVSS 5.4 (medium): Cross-site scripting (XSS) vulnerability in the appliance web-application in Fortinet FortiManager 5.x before 5.0.12, 5.2.x before 5.2.6…
CVE-2015-7363 — CVSS 5.4 (medium): Cross-site scripting (XSS) vulnerability in the advanced settings page in Fortinet FortiManager 5.x before 5.0.12 and 5.2.x before 5.2.3…
CVE-2015-3620 — CVSS 4.3 (medium): Cross-site scripting (XSS) vulnerability in the advanced dataset reports page in Fortinet FortiAnalyzer 5.0.0 through 5.0.10 and 5.2.0…
CVE-2015-8038 — CVSS 4.3 (medium): Multiple cross-site scripting (XSS) vulnerabilities in the Graphical User Interface (GUI) in Fortinet FortiManager before 5.2.4 allow…
CVE-2015-8037 — CVSS 4.3 (medium): Multiple cross-site scripting (XSS) vulnerabilities in the Graphical User Interface (GUI) in Fortinet FortiManager before 5.2.4 allow…