Forticlient Enterprise Management Server Fortinet Forticlient Enterprise Management Server

Do you want an email whenever new security vulnerabilities are reported in Fortinet Forticlient Enterprise Management Server?

By the Year

In 2024 there have been 1 vulnerability in Fortinet Forticlient Enterprise Management Server with an average score of 7.2 out of ten. Forticlient Enterprise Management Server did not have any published security vulnerabilities last year. That is, 1 more vulnerability have already been reported in 2024 as compared to last year.

Year Vulnerabilities Average Score
2024 1 7.20
2023 0 0.00
2022 0 0.00
2021 4 6.80
2020 0 0.00
2019 0 0.00
2018 0 0.00

It may take a day or so for new Forticlient Enterprise Management Server vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.

Recent Fortinet Forticlient Enterprise Management Server Security Vulnerabilities

An improper privilege management vulnerability [CWE-269] in Fortinet FortiClientEMS version 7.2.0 through 7.2.2 and before 7.0.10

CVE-2023-45581 7.2 - High - February 15, 2024

An improper privilege management vulnerability [CWE-269] in Fortinet FortiClientEMS version 7.2.0 through 7.2.2 and before 7.0.10 allows an Site administrator with Super Admin privileges to perform global administrative operations affecting other sites via crafted HTTP or HTTPS requests.

A missing encryption of sensitive data in Fortinet FortiClientEMS version 7.0.1 and below, version 6.4.4 and below

CVE-2021-36189 4.9 - Medium - December 09, 2021

A missing encryption of sensitive data in Fortinet FortiClientEMS version 7.0.1 and below, version 6.4.4 and below allows attacker to information disclosure via inspecting browser decrypted data

Missing Encryption of Sensitive Data

An authentication bypass by capture-replay vulnerability [CWE-294] in FortiClient EMS versions 7.0.1 and below and 6.4.4 and below may

CVE-2021-41030 9.1 - Critical - December 08, 2021

An authentication bypass by capture-replay vulnerability [CWE-294] in FortiClient EMS versions 7.0.1 and below and 6.4.4 and below may allow an unauthenticated attacker to impersonate an existing user by intercepting and re-using valid SAML authentication messages.

Authentication Bypass by Capture-replay

An unsafe search path vulnerability in FortiClientWindows 7.0.0, 6.4.6 and below, 6.2.x, 6.0.x and FortiClientEMS 7.0.0, 6.4.6 and below, 6.2.x, 6.0.x may

CVE-2021-32592 7.8 - High - December 01, 2021

An unsafe search path vulnerability in FortiClientWindows 7.0.0, 6.4.6 and below, 6.2.x, 6.0.x and FortiClientEMS 7.0.0, 6.4.6 and below, 6.2.x, 6.0.x may allow an attacker to perform a DLL Hijack attack on affected devices via a malicious OpenSSL engine library in the search path.

DLL preloading

An improper neutralization of input vulnerability [CWE-79] in FortiClientEMS versions 6.4.1 and below and 6.2.9 and below may

CVE-2020-15940 5.4 - Medium - November 02, 2021

An improper neutralization of input vulnerability [CWE-79] in FortiClientEMS versions 6.4.1 and below and 6.2.9 and below may allow a remote authenticated attacker to inject malicious script/tags via the name parameter of various sections of the server.

XSS

Stay on top of Security Vulnerabilities

Want an email whenever new vulnerabilities are published for Fortinet Forticlient Enterprise Management Server or by Fortinet? Click the Watch button to subscribe.

Fortinet
Vendor

subscribe