A weak authentication in Fortinet FortiOS versions 7.4.0 through 7.4.4, 7.2.0 through 7.2.8, 7.0.0 through 7.0.15, 6.4.0 through 6.4.15, FortiProxy versions 7.4.0 through 7.4.4, 7.2.0 through 7.2.10, 7.0.0 through 7.0.17, 2.0.0 through 2.0.14, FortiManager versions 7.6.0 through 7.6.1, 7.4.1 through 7.4.3, FortiManager Cloud versions 7.4.1 through 7.4.3, FortiAnalyzer Cloud versions 7.4.1 through 7.4.3 allows attacker to execute unauthorized code or commands via a brute-force attack.
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:HFortinet Fortianalyzer
APPFortinet7.4.1 β 7.4.4 (bez)7.6.0 β 7.6.2 (bez)Fortinet Fortianalyzer Cloud
APPFortinet7.4.1 β 7.4.4 (bez)Fortinet Fortimanager
APPFortinet7.4.1 β 7.4.4 (bez)7.6.0 β 7.6.2 (bez)Fortinet Fortimanager Cloud
APPFortinet7.4.1 β 7.4.4 (bez)Fortinet FortiOS
OSFortinet7.4.0 β 7.4.5 (bez)6.4.0 β 7.0.16 (bez)7.2.0 β 7.2.9 (bez)Fortinet Fortiproxy
APPFortinet7.4.0 β 7.4.5 (bez)2.0.0 β 2.0.15 (bez)7.0.0 β 7.0.18 (bez)7.2.0 β 7.2.11 (bez)
Related vulnerabilities
Fortinet β Auth Bypass przez FortiCloud SSO w wielu produktach
Fortinet FortiOS/FortiProxy/FortiSwitchManager β Auth Bypass przez SAML
Authentication Bypass w FortiOS i FortiProxy β przejΔcie uprawnieΕ super-admin
Brak uwierzytelnienia krytycznej funkcji w Fortinet FortiManager β RCE
Krytyczna podatnoΕΔ format string RCE w Fortinet FortiOS, FortiProxy i FortiSwitchManager