CPE-649A8079-B8DB-4251-A95B-2F2DFED5D286 Detail

CPE Details

Fortinet FortiAuthenticator 6.0.1

Vendor

fortinet

Product

fortiauthenticator

Version

6.0.1

Created

2019-06-10
16h00 +00:00

Modified

2019-06-10
16h00 +00:00

Official links

CPE NVD

Alerte pour un CPE

Stay informed of any changes for a specific CPE.

Notifications manage

List of Notifications

Alerte pour un CPE

Stay informed of any changes for a specific CPE.

Parameters

You can specify a title that will be retrieved in the alerts that will be sent out.

CPE ID

Planning

Month

Next run calculation

Day

Weekday

Hour

Minute

Creation date

Last execution

Next execution

Functionality requiring a connection

This feature, which allows you to receive alerts, is only active when you are logged into your account.

CPE Name: cpe:2.3:a:fortinet:fortiauthenticator:6.0.1:::::::*

Informations

Vendor

fortinet

Product

fortiauthenticator

Version

6.0.1

Related CVE

Open and find in CVE List

CVE ID	Published	Description	Score	Severity
CVE-2022-22302	2023-07-11 08h54 +00:00	A clear text storage of sensitive information (CWE-312) vulnerability in both FortiGate version 6.4.0 through 6.4.1, 6.2.0 through 6.2.9 and 6.0.0 through 6.0.13 and FortiAuthenticator version 5.5.0 and all versions of 6.1 and 6.0 may allow a local unauthorized party to retrieve the Fortinet private keys used to establish secure communication with both Apple Push Notification and Google Cloud Messaging services, via accessing the files on the filesystem.	5.3	Medium
CVE-2023-26208	2023-03-09 14h55 +00:00	A improper restriction of excessive authentication attempts vulnerability [CWE-307] in Fortinet FortiAuthenticator 6.4.x and before allows a remote unauthenticated attacker to partially exhaust CPU and memory via sending numerous HTTP requests to the login form.	5.3	Medium
CVE-2021-26116	2022-04-06 14h00 +00:00	An improper neutralization of special elements used in an OS command vulnerability in the command line interpreter of FortiAuthenticator before 6.3.1 may allow an authenticated attacker to execute unauthorized commands via specifically crafted arguments to existing commands.	8.8	High
CVE-2021-36177	2022-02-02 09h54 +00:00	An improper access control vulnerability [CWE-284] in FortiAuthenticator HA service 6.3.2 and below, 6.2.x, 6.1.x, 6.0.x may allow an attacker on the same vlan as the HA management interface to make an unauthenticated direct connection to the FAC's database.	4.3	Medium
CVE-2021-43067	2021-12-08 10h22 +00:00	A exposure of sensitive information to an unauthorized actor in Fortinet FortiAuthenticator version 6.4.0, version 6.3.2 and below, version 6.2.1 and below, version 6.1.2 and below, version 6.0.7 to 6.0.1 allows attacker to duplicate a target LDAP user 2 factors authentication token via crafted HTTP requests.	8.3	High
CVE-2021-22124	2021-08-04 16h18 +00:00	An uncontrolled resource consumption (denial of service) vulnerability in the login modules of FortiSandbox 3.2.0 through 3.2.2, 3.1.0 through 3.1.4, and 3.0.0 through 3.0.6; and FortiAuthenticator before 6.0.6 may allow an unauthenticated attacker to bring the device into an unresponsive state via specifically-crafted long request parameters.	7.5	High
CVE-2021-24005	2021-07-06 08h56 +00:00	Usage of hard-coded cryptographic keys to encrypt configuration files and debug logs in FortiAuthenticator versions before 6.3.0 may allow an attacker with access to the files or the CLI configuration to decrypt the sensitive data, via knowledge of the hard-coded key.	7.5	High

Fortinet FortiAuthenticator 6.0.1

CPE Details

CPE Name: cpe:2.3:a:fortinet:fortiauthenticator:6.0.1:*:*:*:*:*:*:*

Informations

Vendor

Product

Version

Related CVE

CPE Name: cpe:2.3:a:fortinet:fortiauthenticator:6.0.1:::::::*