Описание
Multiple serious vulnerabilities have been found in Fortinet FortiAuthenticator. Malicious users can exploit these vulnerabilities to gain privileges, obtain sensitive information, inject code and read arbitrary files.
Below is a complete list of vulnerabilities
- XSS vulnerability can be exploited remotely via a specially designed operation parameter;
- An unknown vulnerability can be exploited locally via manipulations with files and commands;
- Lack of login information emcapsulation can be exploited remotely via log reading and other unknown vectors.
Первичный источник обнаружения
Связанные продукты
Список CVE
- CVE-2015-1457 warning
- CVE-2015-1458 high
- CVE-2015-1459 warning
- CVE-2015-1455 high
- CVE-2015-1456 warning
Смотрите также
Узнай статистику распространения уязвимостей в своем регионе statistics.securelist.com
Нашли неточность в описании этой уязвимости? Дайте нам знать!