Max CVSS 7.5 Min CVSS 4.0 Total Count2
IDCVSSSummaryLast (major) updatePublished
CVE-2015-1459 4.3
Cross-site scripting (XSS) vulnerability in Fortinet FortiAuthenticator 3.0.0 allows remote attackers to inject arbitrary web script or HTML via the operation parameter to cert/scep/.
08-09-2017 - 01:29 03-02-2015 - 16:59
CVE-2015-1457 4.9
Fortinet FortiAuthenticator 3.0.0 allows local users to read arbitrary files via the -f flag to the dig command.
08-09-2017 - 01:29 03-02-2015 - 16:59
CVE-2015-1455 7.5
Fortinet FortiAuthenticator 3.0.0 has a password of (1) slony for the slony PostgreSQL user and (2) www-data for the www-data PostgreSQL user, which makes it easier for remote attackers to obtain access via unspecified vectors.
19-02-2015 - 18:59 03-02-2015 - 16:59
CVE-2015-1456 4.0
Fortinet FortiAuthenticator 3.0.0 logs the PostgreSQL usernames and passwords in cleartext, which allows remote administrators to obtain sensitive information by reading the log at debug/startup/.
19-02-2015 - 18:59 03-02-2015 - 16:59
Back to Top Mark selected
Back to Top