Fortiswitchmanager Fortinet Fortiswitchmanager

Do you want an email whenever new security vulnerabilities are reported in Fortinet Fortiswitchmanager?

By the Year

In 2023 there have been 1 vulnerability in Fortinet Fortiswitchmanager with an average score of 8.1 out of ten. Last year Fortiswitchmanager had 1 security vulnerability published. If vulnerabilities keep coming in at the current rate, it appears that number of security vulnerabilities in Fortiswitchmanager in 2023 could surpass last years number. Last year, the average CVE base score was greater by 1.70

Year Vulnerabilities Average Score
2023 1 8.10
2022 1 9.80
2021 0 0.00
2020 0 0.00
2019 0 0.00
2018 0 0.00

It may take a day or so for new Fortiswitchmanager vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.

Recent Fortinet Fortiswitchmanager Security Vulnerabilities

A relative path traversal vulnerability [CWE-23] in Fortinet FortiOS version 7.2.0 through 7.2.2, 7.0.0 through 7.0.8 and before 6.4.10, FortiProxy version 7.2.0 through 7.2.1, 7.0.0 through 7.0.7 and before 2.0.10, FortiSwitchManager 7.2.0 and before 7.0.0

CVE-2022-41335 8.1 - High - February 16, 2023

A relative path traversal vulnerability [CWE-23] in Fortinet FortiOS version 7.2.0 through 7.2.2, 7.0.0 through 7.0.8 and before 6.4.10, FortiProxy version 7.2.0 through 7.2.1, 7.0.0 through 7.0.7 and before 2.0.10, FortiSwitchManager 7.2.0 and before 7.0.0 allows an authenticated attacker to read and write files on the underlying Linux system via crafted HTTP requests.

Directory traversal

An authentication bypass using an alternate path or channel [CWE-288] in Fortinet FortiOS version 7.2.0 through 7.2.1 and 7.0.0 through 7.0.6, FortiProxy version 7.2.0 and version 7.0.0 through 7.0.6 and FortiSwitchManager version 7.2.0 and 7.0.0

CVE-2022-40684 9.8 - Critical - October 18, 2022

An authentication bypass using an alternate path or channel [CWE-288] in Fortinet FortiOS version 7.2.0 through 7.2.1 and 7.0.0 through 7.0.6, FortiProxy version 7.2.0 and version 7.0.0 through 7.0.6 and FortiSwitchManager version 7.2.0 and 7.0.0 allows an unauthenticated atttacker to perform operations on the administrative interface via specially crafted HTTP or HTTPS requests.

Missing Authentication for Critical Function

Stay on top of Security Vulnerabilities

Want an email whenever new vulnerabilities are published for Fortinet Fortios or by Fortinet? Click the Watch button to subscribe.

Fortinet
Vendor

subscribe