Fortinet FortiAuthenticator 5.2.2

CPE Details

Fortinet FortiAuthenticator 5.2.2
fortinet
fortiauthenticator
5.2.2
2019-06-10
16h00 +00:00
2019-06-10
16h00 +00:00
CPE NVD
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:a:fortinet:fortiauthenticator:5.2.2:*:*:*:*:*:*:*

Informations

Vendor

fortinet

Product

fortiauthenticator

Version

5.2.2

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2021-26116 2022-04-06 14h00 +00:00 An improper neutralization of special elements used in an OS command vulnerability in the command line interpreter of FortiAuthenticator before 6.3.1 may allow an authenticated attacker to execute unauthorized commands via specifically crafted arguments to existing commands.
8.8
High
CVE-2021-22124 2021-08-04 16h18 +00:00 An uncontrolled resource consumption (denial of service) vulnerability in the login modules of FortiSandbox 3.2.0 through 3.2.2, 3.1.0 through 3.1.4, and 3.0.0 through 3.0.6; and FortiAuthenticator before 6.0.6 may allow an unauthenticated attacker to bring the device into an unresponsive state via specifically-crafted long request parameters.
7.5
High
CVE-2018-9186 2018-05-31 22h00 +00:00 A cross-site scripting (XSS) vulnerability in Fortinet FortiAuthenticator in versions 4.0.0 to before 5.3.0 "CSRF validation failure" page allows attacker to execute unauthorized script code via inject malicious scripts in HTTP referer header.
6.1
Medium
The information presented on CVE Find originates from several carefully selected reference sources. CVE data is provided by MITRE Corporation and the National Vulnerability Database (NVD). The Known Exploited Vulnerabilities (KEV) catalog is sourced from the Cybersecurity and Infrastructure Security Agency (CISA), while EPSS scores come from FIRST.org. Additionally, data regarding software weaknesses (CWE) and common attack patterns (CAPEC) is maintained by MITRE Corporation, and information on hardware and software configurations (CPE) is provided by the NVD.