This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Summuary
CPE Namecpe:/o:fortinet:fortios:4.1.6
Detail
VendorFortinetFirst view 2013-06-25
ProductFortiosLast view2019-08-23
Version4.1.6TypeOs
Edition 
Language 
Update 
 
CPE Productcpe:/o:fortinet:fortios

Activity : Overall

Related : CVE

 DateAlertAccess VectorAccess ComplexityAuthentication
52019-08-23CVE-2018-13367NetworkLowNone Requ...
42019-06-04CVE-2019-5587NetworkLowRequires ...
5.82019-06-04CVE-2018-13384NetworkMediumNone Requ...
52019-06-04CVE-2018-13381NetworkLowNone Requ...
4.32019-06-04CVE-2018-13380NetworkMediumNone Requ...
Hide | Show 20 More...
 DateAlertAccess VectorAccess ComplexityAuthentication
4.32019-05-29CVE-2018-13383NetworkMediumNone Requ...
52019-05-29CVE-2018-13365NetworkLowNone Requ...
52019-04-09CVE-2018-13366NetworkLowNone Requ...
92019-04-09CVE-2017-17544NetworkLowRequires ...
42019-01-22CVE-2018-13374NetworkLowRequires ...
52018-11-27CVE-2018-13376NetworkLowNone Requ...
7.22018-05-24CVE-2017-14187LocalLowNone Requ...
4.32018-01-29CVE-2017-14190NetworkMediumNone Requ...
42017-12-13CVE-2017-7738NetworkLowRequires ...
3.52017-11-29CVE-2017-14186NetworkMediumRequires ...
4.32017-09-11CVE-2017-3133NetworkMediumNone Requ...
4.32017-09-11CVE-2017-3132NetworkMediumNone Requ...
4.32017-02-08CVE-2016-8492NetworkMediumNone Requ...
102016-08-24CVE-2016-6909NetworkLowNone Requ...
102016-01-15CVE-2016-1909NetworkLowNone Requ...
52015-08-11CVE-2015-5965NetworkLowNone Requ...
4.32015-08-11CVE-2015-3626NetworkMediumNone Requ...
5.42014-09-10CVE-2014-0351Adjacent ...MediumNone Requ...
7.52014-08-25CVE-2014-2216NetworkLowNone Requ...

CWE : Common Weakness Enumeration

%idName
26% (6)CWE-79Failure to Preserve Web Page Structure ('Cross-site Scripting')
21% (5)CWE-200Information Exposure
13% (3)CWE-119Failure to Constrain Operations within the Bounds of a Memory Buffer
8% (2)CWE-264Permissions, Privileges, and Access Controls
8% (2)CWE-20Improper Input Validation
Hide | Show 5 More...
%idName
4% (1)CWE-732Incorrect Permission Assignment for Critical Resource
4% (1)CWE-601URL Redirection to Untrusted Site ('Open Redirect')
4% (1)CWE-310Cryptographic Issues
4% (1)CWE-281Improper Preservation of Permissions
4% (1)CWE-269Improper Privilege Management

SAINT Exploits

DescriptionLink
FortiOS Fortimanager_Access SSH account backdoorMore info here

Snort® IPS/IDS

DateDescription
2019-10-10Fortigate SSL VPN cross site scripting attempt
RuleID : 51470 - Type : SERVER-WEBAPP - Revision : 1
2019-10-10Fortigate SSL VPN cross site scripting attempt
RuleID : 51469 - Type : SERVER-WEBAPP - Revision : 1
2019-10-10Fortigate SSL VPN cross site scripting attempt
RuleID : 51468 - Type : SERVER-WEBAPP - Revision : 1
2019-10-10Fortigate SSL VPN cross site scripting attempt
RuleID : 51467 - Type : SERVER-WEBAPP - Revision : 1
2019-10-10Fortigate SSL VPN cross site scripting attempt
RuleID : 51466 - Type : SERVER-WEBAPP - Revision : 1
Hide | Show 5 More...
DateDescription
2019-10-10Fortigate SSL VPN cross site scripting attempt
RuleID : 51465 - Type : SERVER-WEBAPP - Revision : 1
2019-10-01Fortigate SSL VPN javascript parsing heap buffer overflow attempt
RuleID : 51376 - Type : SERVER-OTHER - Revision : 1
2019-10-01Fortigate SSL VPN javascript parsing heap buffer overflow attempt
RuleID : 51375 - Type : SERVER-OTHER - Revision : 1
2018-02-08Fortinet FortiOS redir parameter cross site scripting attempt
RuleID : 45401 - Type : SERVER-WEBAPP - Revision : 2
2016-10-20Fortigate Firewall HTTP cookie buffer overflow
RuleID : 40241 - Type : SERVER-OTHER - Revision : 2

Nessus® Vulnerability Scanner

idDescription
2018-12-05Name : The remote host is affected by an information disclosure vulnerability.
File : fortios_FG-IR-18-325.nasl - Type : ACT_GATHER_INFO
2018-10-05Name : The remote host is affected by an information disclosure vulnerability.
File : fortios_FG-IR-18-085.nasl - Type : ACT_GATHER_INFO
2018-06-08Name : The remote host is affected by multiple vulnerabilities.
File : fortios_FG-IR-17-245.nasl - Type : ACT_GATHER_INFO
2018-02-02Name : The remote host is affected by a cross-site scripting vulnerability.
File : fortios_FG-IR-17-262.nasl - Type : ACT_GATHER_INFO
2017-11-30Name : The remote host is affected by a cross-site scripting vulnerability.
File : fortios_FG-IR-17-242.nasl - Type : ACT_GATHER_INFO
Hide | Show 9 More...
idDescription
2017-08-02Name : The remote host is affected by multiple vulnerabilities.
File : fortios_FG-IR-17-104.nasl - Type : ACT_GATHER_INFO
2016-12-01Name : The remote host is affected by an information disclosure vulnerability.
File : fortios_CVE-2016-8492.nasl - Type : ACT_GATHER_INFO
2016-08-29Name : A web-based management console running on the remote host is affected by a re...
File : fortios_cookie_parsing_bof.nasl - Type : ACT_DESTRUCTIVE_ATTACK
2016-08-26Name : The remote host is affected by a remote code execution vulnerability.
File : fortios_FG-IR-16-023.nasl - Type : ACT_GATHER_INFO
2016-01-13Name : The SSH server running on the remote host can be logged into using default SS...
File : fortios_ssh_backdoor.nasl - Type : ACT_ATTACK
2015-09-23Name : The remote Gentoo host is missing one or more security-related patches.
File : gentoo_GLSA-201508-01.nasl - Type : ACT_GATHER_INFO
2015-09-04Name : The remote host is affected by a man-in-the-middle spoofing vulnerability.
File : fortios_ssl_vpn_tls_mac_mitm.nasl - Type : ACT_GATHER_INFO
2014-09-30Name : The remote host is affected by multiple vulnerabilities.
File : fortios_FG-IR-14-006.nasl - Type : ACT_GATHER_INFO
2014-04-15Name : The remote host is affected by a security bypass vulnerability.
File : fortios_FGA-2013-20.nasl - Type : ACT_GATHER_INFO