Fortinet FortiAuthenticator 5.5.0

CPE Details

Fortinet FortiAuthenticator 5.5.0
fortinet
fortiauthenticator
5.5.0
2019-06-10
16h00 +00:00
2019-06-10
16h00 +00:00
CPE NVD
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:a:fortinet:fortiauthenticator:5.5.0:*:*:*:*:*:*:*

Informations

Vendor

fortinet

Product

fortiauthenticator

Version

5.5.0

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2022-22302 2023-07-11 08h54 +00:00 A clear text storage of sensitive information (CWE-312) vulnerability in both FortiGate version 6.4.0 through 6.4.1, 6.2.0 through 6.2.9 and 6.0.0 through 6.0.13 and FortiAuthenticator version 5.5.0 and all versions of 6.1 and 6.0 may allow a local unauthorized party to retrieve the Fortinet private keys used to establish secure communication with both Apple Push Notification and Google Cloud Messaging services, via accessing the files on the filesystem.
5.3
Medium
CVE-2023-26208 2023-03-09 14h55 +00:00 A improper restriction of excessive authentication attempts vulnerability [CWE-307] in Fortinet FortiAuthenticator 6.4.x and before allows a remote unauthenticated attacker to partially exhaust CPU and memory via sending numerous HTTP requests to the login form.
5.3
Medium
CVE-2021-26116 2022-04-06 14h00 +00:00 An improper neutralization of special elements used in an OS command vulnerability in the command line interpreter of FortiAuthenticator before 6.3.1 may allow an authenticated attacker to execute unauthorized commands via specifically crafted arguments to existing commands.
8.8
High
CVE-2021-22124 2021-08-04 16h18 +00:00 An uncontrolled resource consumption (denial of service) vulnerability in the login modules of FortiSandbox 3.2.0 through 3.2.2, 3.1.0 through 3.1.4, and 3.0.0 through 3.0.6; and FortiAuthenticator before 6.0.6 may allow an unauthenticated attacker to bring the device into an unresponsive state via specifically-crafted long request parameters.
7.5
High