Max CVSS | 7.5 | Min CVSS | 4.0 | Total Count | 2 |
ID | CVSS | Summary | Last (major) update | Published | |
CVE-2015-1459 | 4.3 |
Cross-site scripting (XSS) vulnerability in Fortinet FortiAuthenticator 3.0.0 allows remote attackers to inject arbitrary web script or HTML via the operation parameter to cert/scep/.
|
08-09-2017 - 01:29 | 03-02-2015 - 16:59 | |
CVE-2015-1457 | 4.9 |
Fortinet FortiAuthenticator 3.0.0 allows local users to read arbitrary files via the -f flag to the dig command.
|
08-09-2017 - 01:29 | 03-02-2015 - 16:59 | |
CVE-2015-1455 | 7.5 |
Fortinet FortiAuthenticator 3.0.0 has a password of (1) slony for the slony PostgreSQL user and (2) www-data for the www-data PostgreSQL user, which makes it easier for remote attackers to obtain access via unspecified vectors.
|
19-02-2015 - 18:59 | 03-02-2015 - 16:59 | |
CVE-2015-1456 | 4.0 |
Fortinet FortiAuthenticator 3.0.0 logs the PostgreSQL usernames and passwords in cleartext, which allows remote administrators to obtain sensitive information by reading the log at debug/startup/.
|
19-02-2015 - 18:59 | 03-02-2015 - 16:59 |