Fortinet Fortiisolator
By the Year
In 2024 there have been 0 vulnerabilities in Fortinet Fortiisolator . Last year Fortiisolator had 1 security vulnerability published. Right now, Fortiisolator is on track to have less security vulnerabilities in 2024 than it did last year.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2024 | 0 | 0.00 |
| 2023 | 1 | 7.80 |
| 2022 | 1 | 8.80 |
| 2021 | 1 | 9.80 |
| 2020 | 1 | 5.40 |
| 2019 | 0 | 0.00 |
| 2018 | 0 | 0.00 |
It may take a day or so for new Fortiisolator vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Fortinet Fortiisolator Security Vulnerabilities
A improper neutralization of special elements used in an os command ('os command injection') in Fortinet FortiIsolator version 1.0.0, FortiIsolator version 1.1.0, FortiIsolator version 1.2.0 through 1.2.2, FortiIsolator version 2.0.0 through 2.0.1, FortiIsolator version 2.1.0 through 2.1.2, FortiIsolator version 2.2.0, FortiIsolator version 2.3.0 through 2.3.4
CVE-2022-22298
7.8 - High
- October 10, 2023
A improper neutralization of special elements used in an os command ('os command injection') in Fortinet FortiIsolator version 1.0.0, FortiIsolator version 1.1.0, FortiIsolator version 1.2.0 through 1.2.2, FortiIsolator version 2.0.0 through 2.0.1, FortiIsolator version 2.1.0 through 2.1.2, FortiIsolator version 2.2.0, FortiIsolator version 2.3.0 through 2.3.4 allows attacker to execute arbitrary OS commands in the underlying shell via specially crafted input parameters.
Shell injection
An improper access control vulnerability [CWE-284] in FortiIsolator versions 2.3.2 and below may
CVE-2021-41020
8.8 - High
- May 04, 2022
An improper access control vulnerability [CWE-284] in FortiIsolator versions 2.3.2 and below may allow an authenticated, non privileged attacker to regenerate the CA certificate via the regeneration URL.
An insufficient session expiration vulnerability in FortiNet's FortiIsolator version 2.0.1 and below may allow an attacker to reuse the unexpired admin user session IDs to gain admin privileges, should the attacker be able to obtain
CVE-2020-6649
9.8 - Critical
- February 08, 2021
An insufficient session expiration vulnerability in FortiNet's FortiIsolator version 2.0.1 and below may allow an attacker to reuse the unexpired admin user session IDs to gain admin privileges, should the attacker be able to obtain that session ID (via other, hypothetical attacks)
Insufficient Session Expiration
An improper neutralization of input vulnerability in the URL Description in Fortinet FortiIsolator version 1.2.2
CVE-2020-6643
5.4 - Medium
- March 12, 2020
An improper neutralization of input vulnerability in the URL Description in Fortinet FortiIsolator version 1.2.2 allows a remote authenticated attacker to perform a cross site scripting attack (XSS).
XSS
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Fortinet Fortiisolator or by Fortinet? Click the Watch button to subscribe.
