Filtered by vendor Fortinet
Subscriptions
Filtered by product Fortisoar
Subscriptions
Total
24 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2022-29062 | 1 Fortinet | 1 Fortisoar | 2024-11-21 | 6.3 Medium |
| Multiple relative path traversal vulnerabilities [CWE-23] in Fortinet FortiSOAR before 7.2.1 allows an authenticated attacker to write to the underlying filesystem with nginx permissions via crafted HTTP requests. | ||||
| CVE-2022-29061 | 1 Fortinet | 1 Fortisoar | 2024-11-21 | 7.2 High |
| An improper neutralization of special elements used in an OS command ('OS Command Injection') vulnerability [CWE-78] in Fortinet FortiSOAR before 7.2.1 allows an authenticated attacker to execute unauthorized code or commands via crafted HTTP GET requests. | ||||
| CVE-2022-23443 | 1 Fortinet | 1 Fortisoar | 2024-11-21 | 7.5 High |
| An improper access control in Fortinet FortiSOAR before 7.2.0 allows unauthenticated attackers to access gateway API data via crafted HTTP GET requests. | ||||
| CVE-2023-26211 | 1 Fortinet | 1 Fortisoar | 2024-08-22 | 6.4 Medium |
| An improper neutralization of input during web page generation ('cross-site scripting') in Fortinet FortiSOAR 7.3.0 through 7.3.2 allows an authenticated, remote attacker to inject arbitrary web script or HTML via the Communications module. | ||||