Fortinet Fortiedr

Do you want an email whenever new security vulnerabilities are reported in Fortinet Fortiedr?

By the Year

In 2023 there have been 0 vulnerabilities in Fortinet Fortiedr . Last year Fortiedr had 4 security vulnerabilities published. Right now, Fortiedr is on track to have less security vulnerabilities in 2023 than it did last year.

Year	Vulnerabilities	Average Score
2023	0	0.00
2022	4	6.68
2021	0	0.00
2020	0	0.00
2019	0	0.00
2018	0	0.00

It may take a day or so for new Fortiedr vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.

Recent Fortinet Fortiedr Security Vulnerabilities

A improper neutralization of input during web page generation ('cross-site scripting') in Fortinet FortiEDR version 5.1.0, 5.0.0 through 5.0.3 Patch 6 and 4.0.0

CVE-2022-29057 5.4 - Medium - July 19, 2022

A improper neutralization of input during web page generation ('cross-site scripting') in Fortinet FortiEDR version 5.1.0, 5.0.0 through 5.0.3 Patch 6 and 4.0.0 allows a remote authenticated attacker to perform a reflected cross site scripting attack (XSS) by injecting malicious payload into the Management Console via various endpoints.

XSS

A use of hard-coded cryptographic key vulnerability [CWE-321] in the registration mechanism of FortiEDR collectors versions 5.0.2, 5.0.1, 5.0.0, 4.0.0 may

CVE-2022-23440 7.8 - High - April 06, 2022

A use of hard-coded cryptographic key vulnerability [CWE-321] in the registration mechanism of FortiEDR collectors versions 5.0.2, 5.0.1, 5.0.0, 4.0.0 may allow a local attacker to disable and uninstall the collectors from the end-points within the same deployment.

Use of Hard-coded Credentials

A improper control of a resource through its lifetime in Fortinet FortiEDR version 5.0.3 and earlier

CVE-2022-23446 4.4 - Medium - April 06, 2022

A improper control of a resource through its lifetime in Fortinet FortiEDR version 5.0.3 and earlier allows attacker to make the whole application unresponsive via changing its root directory access permission.

A use of hard-coded cryptographic key vulnerability [CWE-321] in FortiEDR versions 5.0.2, 5.0.1, 5.0.0, 4.0.0 may

CVE-2022-23441 9.1 - Critical - April 06, 2022

A use of hard-coded cryptographic key vulnerability [CWE-321] in FortiEDR versions 5.0.2, 5.0.1, 5.0.0, 4.0.0 may allow an unauthenticated attacker on the network to disguise as and forge messages from other collectors.

Use of Hard-coded Credentials

Stay on top of Security Vulnerabilities

Want an email whenever new vulnerabilities are published for Fortinet Fortiedr or by Fortinet? Click the Watch button to subscribe.

Fortinet
Vendor

Fortinet Fortiedr
Product

Fortinet Fortiedr

By the Year

Recent Fortinet Fortiedr Security Vulnerabilities

A improper neutralization of input during web page generation ('cross-site scripting') in Fortinet FortiEDR version 5.1.0, 5.0.0 through 5.0.3 Patch 6 and 4.0.0 CVE-2022-29057 5.4 - Medium - July 19, 2022

A use of hard-coded cryptographic key vulnerability [CWE-321] in the registration mechanism of FortiEDR collectors versions 5.0.2, 5.0.1, 5.0.0, 4.0.0 may CVE-2022-23440 7.8 - High - April 06, 2022

A improper control of a resource through its lifetime in Fortinet FortiEDR version 5.0.3 and earlier CVE-2022-23446 4.4 - Medium - April 06, 2022

A use of hard-coded cryptographic key vulnerability [CWE-321] in FortiEDR versions 5.0.2, 5.0.1, 5.0.0, 4.0.0 may CVE-2022-23441 9.1 - Critical - April 06, 2022