- Filter by Date
- 2023
- 5 01-2023
- 2023
- Filter by Severity
-
Filter by Affected Product
- All
- 1 FortiManager
- 1 FortiWeb
- 1 FortiADC
- 1 FortiPortal
- 1 FortiTester
- 0 FortiOS
- 0 FortiAnalyzer
- 0 FortiProxy
- 0 FortiMail
- 0 FortiSandbox
- 0 FortiClientWindows
- 0 FortiWAN
- 0 FortiAuthenticator
- 0 FortiClientEMS
- 0 FortiSIEM
- 0 FortiSwitch
- 0 FortiWLC
- 0 FortiAP
- 0 FortiClientMac
- 0 FortiAP-W2
- 0 FortiDDoS
- 0 FortiRecorder
- 0 FortiVoiceEnterprise
- 0 FortiAP-S
- 0 FortiWLM
- 0 FortiNAC
- 0 FortiSOAR
- 0 FortiAP-U
- 0 FortiDB
- 0 FortiDeceptor
- 0 AscenLink
- 0 FortiClientLinux
- 0 FortiEDR
- 0 Meru AP
- 0 FortiADCManager
- 0 FortiCache
- 0 FortiDDoS-F
- 0 FortiIsolator
- 0 FortiNDR
- 0 FortiAP-C
- 0 FortiClientAndroid
- 0 FortiClientiOS
- 0 FortiDDoS-CM
- 0 FortiExtender
- 0 FortiSIEMWindowsAgent
- 0 FortiTokenAndroid
- 0 FortiTokenIOS
- 0 FSSO Windows CA
- 0 FortiAnalyzer-BigData
- 0 FortiWAN-Manager
- 0 FortiWebManager
- 0 Meru Controller
- 0 SSL_VPN
- 0 AV Engine
- 0 FSSO (all dist.)
- 0 FSSO Windows DC Agent
- 0 FortiCloud
- 0 FortiExplorer Windows
- 0 FortiFone
- 0 FortiGuard
- 0 FortiOS-6K7K
- 0 FortiSDNConnector
- 0 FortiSwitchManager
- 0 FortiTokenMobileWP
- 0 FortiVoice
All
Refine Search
PSIRT Advisories
Monthly PSIRT Advisories
- 2023: Jan
- 2022: Dec , Nov , Sep , Aug , Jul , Jun , May , Apr , Mar , Feb
- 2021: Dec , Nov , Oct , Sep , Aug , Jul , Jun , May , Apr , Mar , Feb , Jan
- 2020: Dec
The following is a list of advisories for issues resolved in Fortinet products. The resolution of such issues is coordinated by the Fortinet Product Security Incident Response Team (PSIRT), a dedicated, global team that manages the receipt, investigation, and public reporting of information about security vulnerabilities and issues related to Fortinet products and services.
For details of how to raise a PSIRT Issue with Fortinet, please see our PSIRT Policy here.
An improper neutralization of special elements used in an OS Command vulnerability [CWE-78] in FortiADC may allow an authe...
FortiADC
7.0.1, 7.0.0, 6.2.3, 6.2.2, 6.2.1, 6.2.0, 6.1.6, 6.1.5, 6.1.4, 6.1.3, 6.1.2, 6.1.1, 6.1.0, 6.0.4, 6.0.3, 6.0.2, 6.0.1, 6.0.0, 5.4.5, 5.4.4, 5.4.3, 5.4.2, 5.4.1, 5.4.0
Jan 03, 2023
Severity
High
IR Number: FG-IR-22-061
CVE-2022-39947
An incorrect user management vulnerability [CWE-286] in the FortiManager VDOM creation component may allow an attacker to ...
FortiManager
7.0.1, 7.0.0, 6.4.7, 6.4.6, 6.4.5, 6.4.4, 6.4.3, 6.4.2, 6.4.1, 6.4.0, 6.2.8, 6.2.7, 6.2.6, 6.2.5, 6.2.4, 6.2.3, 6.2.2, 6.2.1, 6.2.0
Jan 03, 2023
Severity
Medium
IR Number: FG-IR-22-371
CVE-2022-45857
An improper neutralization of input during web page generation vulnerability [CWE-79] in FortiPortal management interface ...
FortiPortal
6.0.9, 6.0.8, 6.0.7, 6.0.6, 6.0.5, 6.0.4, 6.0.3, 6.0.2, 6.0.11, 6.0.10, 6.0.1, 6.0.0, 5.3.8, 5.3.7, 5.3.6, 5.3.5, 5.3.4, 5.3.3, 5.3.2, 5.3.1, 5.3.0, 5.2.6, 5.2.5, 5.2.4, 5.2.3, 5.2.2, 5.2.1, 5.2.0, 5.1.2, 5.1.1, 5.1.0, 5.0.3, 5.0.2, 5.0.1, 5.0.0
Jan 03, 2023
Severity
Medium
IR Number: FG-IR-22-313
CVE-2022-41336
Multiple improper neutralization of special elements used in an OS Command ('OS Command Injection') vulnerabilities [CWE-7...
FortiTester
7.1.0, 7.0.0, 4.2.0, 4.1.1, 4.1.0, 4.0.0, 3.9.1, 3.9.0, 3.8.0, 3.7.1, 3.7.0, 3.6.0, 3.5.1, 3.5.0, 3.4.0, 3.3.1, 3.3.0, 3.2.0, 3.1.0, 3.0.0, 2.9.0, 2.8.0, 2.7.0, 2.6.0, 2.5.0, 2.4.1, 2.4.0, 2.3.0
Jan 03, 2023
Severity
High
IR Number: FG-IR-22-274
CVE-2022-35845
An improper neutralization of CRLF sequences in HTTP headers ('HTTP Response Splitting') vulnerability [CWE-113] In FortiW...
FortiWeb
7.0.2, 7.0.1, 7.0.0, 6.4.2, 6.4.1, 6.4.0, 6.3.9, 6.3.8, 6.3.7, 6.3.6, 6.3.21, 6.3.20, 6.3.19, 6.3.18, 6.3.17, 6.3.16, 6.3.15, 6.3.14, 6.3.13, 6.3.12, 6.3.11, 6.3.10
Jan 03, 2023
Severity
Medium
IR Number: FG-IR-22-250