IDCVSSSummaryLast (major) updatePublished
CVE-2013-6990 9.0
FortiGuard FortiAuthenticator before 3.0 allows remote administrators to gain privileges via the command line interface.
06-01-2017 - 21:59 30-04-2014 - 10:22
CVE-2015-1457 4.9
Fortinet FortiAuthenticator 3.0.0 allows local users to read arbitrary files via the -f flag to the dig command.
19-02-2015 - 13:59 03-02-2015 - 11:59
CVE-2015-1456 4.0
Fortinet FortiAuthenticator 3.0.0 logs the PostgreSQL usernames and passwords in cleartext, which allows remote administrators to obtain sensitive information by reading the log at debug/startup/.
19-02-2015 - 13:59 03-02-2015 - 11:59
CVE-2015-1455 7.5
Fortinet FortiAuthenticator 3.0.0 has a password of (1) slony for the slony PostgreSQL user and (2) www-data for the www-data PostgreSQL user, which makes it easier for remote attackers to obtain access via unspecified vectors.
19-02-2015 - 13:59 03-02-2015 - 11:59
CVE-2015-1459 4.3
Cross-site scripting (XSS) vulnerability in Fortinet FortiAuthenticator 3.0.0 allows remote attackers to inject arbitrary web script or HTML via the operation parameter to cert/scep/.
18-02-2015 - 13:55 03-02-2015 - 11:59
CVE-2015-1458 6.9
Fortinet FortiAuthenticator 3.0.0 allows local users to bypass intended restrictions and gain privileges by creating /tmp/privexec/dbgcore_enable_shell_access and executing the "shell" command.
04-02-2015 - 12:48 03-02-2015 - 11:59
Back to Top Mark selected
Back to Top