Filter by Date
- 2022
  - 4 03-2022
Filter by Severity
- 0 Critical
- 0 High
- 0 Medium
- 4 Low
- 0 Informational
Filter by Affected Product
- All
- 2 FortiManager
- 1 FortiAnalyzer
- 1 FortiTokenAndroid

Filter by Date:
switch-off-logo

All

2022

March (4)

Filter by Severity Level:
switch-off-logo

All

Filter by Affected Product:
switch-on-logo

All

FortiManager (2)

FortiAnalyzer (1)

FortiTokenAndroid (1)

Refine Search

PSIRT Advisories

Monthly PSIRT Advisories

2022: Jun , May , Apr , Mar , Feb
2021: Dec , Nov , Oct , Sep , Aug , Jul , Jun , May , Apr , Mar , Feb , Jan
2020: Dec

The following is a list of advisories for issues resolved in Fortinet products. The resolution of such issues is coordinated by the Fortinet Product Security Incident Response Team (PSIRT), a dedicated, global team that manages the receipt, investigation, and public reporting of information about security vulnerabilities and issues related to Fortinet products and services.

For details of how to raise a PSIRT Issue with Fortinet, please see our PSIRT Policy here.

FortiAnalyzer, FortiManager - bypass of client-side password change policy enforcement

An improper handling of insufficient permissions or privileges vulnerability [CWE-280] in FortiAnalyzer and FortiManager m...

FortiManager 7.0.2, 7.0.1, 7.0.0, 6.4.7, 6.4.6, 6.4.5, 6.4.4, 6.4.3, 6.4.2, 6.4.1, 6.4.0, 6.2.9, 6.2.8, 6.2.7, 6.2.6, 6.2.5, 6.2.4, 6.2.3, 6.2.2, 6.2.1, 6.2.0, 6.0.9, 6.0.8, 6.0.7, 6.0.6, 6.0.5, 6.0.4, 6.0.3, 6.0.2, 6.0.11, 6.0.10, 6.0.1, 6.0.0, 5.6.9, 5.6.8, 5.6.7, 5.6.6, 5.6.5, 5.6.4, 5.6.3, 5.6.2, 5.6.11, 5.6.10, 5.6.1, 5.6.0 FortiAnalyzer 7.0.2, 7.0.1, 7.0.0, 6.4.7, 6.4.6, 6.4.5, 6.4.4, 6.4.3, 6.4.2, 6.4.1, 6.4.0, 6.2.9, 6.2.8, 6.2.7, 6.2.6, 6.2.5, 6.2.4, 6.2.3, 6.2.2, 6.2.1, 6.2.0, 6.0.9, 6.0.8, 6.0.7, 6.0.6, 6.0.5, 6.0.4, 6.0.3, 6.0.2, 6.0.11, 6.0.10, 6.0.1, 6.0.0, 5.6.9, 5.6.8, 5.6.7, 5.6.6, 5.6.5, 5.6.4, 5.6.3, 5.6.2, 5.6.11, 5.6.10, 5.6.1, 5.6.0

Mar 01, 2022 Severity light-circle-logo

Low IR Number: FG-IR-21-255 CVE-2022-22300

FortiManager --- Password observed in cleartext in the config conflict file

An exposure of sensitive system information to an unauthorized control sphere vulnerability [CWE-497] in FortiManager may ...

FortiManager 7.0.2, 7.0.1, 7.0.0, 6.4.7, 6.4.6, 6.4.5, 6.4.4, 6.4.3, 6.4.2, 6.4.1, 6.4.0, 6.2.9, 6.2.8, 6.2.7, 6.2.6, 6.2.5, 6.2.4, 6.2.3, 6.2.2, 6.2.1, 6.2.0

Mar 01, 2022 Severity light-circle-logo

Low IR Number: FG-IR-21-165 CVE-2022-22303

FortiOS - Bypassing FortiGate security profiles via SNI in Client Hello

An exposure of sensitive information to an unauthorized actor vulnerability [CWE-200] in FortiOS may allow a privileged at...

Mar 01, 2022 Severity light-circle-logo

Low IR Number: FG-IR-20-091 CVE-2020-15936

FortiToken Mobile (Android) - Deny request approved from External push notification

An improper access control vulnerability [CWE-284 ] in FortiToken Mobile (Android) external push notification may allow a ...

FortiTokenAndroid 5.1.0, 5.0.3, 5.0.2, 4.5.0, 4.4.0, 4.3.0, 4.2.2, 4.2.1, 4.1.1, 4.0.1, 4.0.0

Mar 01, 2022 Severity light-circle-logo

Low IR Number: FG-IR-21-210 CVE-2021-44166

Network

Content and Endpoint

Application

Response

FortiNDR

FortiSandbox

FortiTester

Refine
RESET

PSIRT Advisories

Monthly PSIRT Advisories

News / Research

Network

Content and Endpoint

Application

Response

FortiGate

FortiDeceptor

FortiClient

FortiMail

FortiEDR

FortiADC WAF Security

FortiAnalyzer/FortiSIEM

FortiCWP

FortiWeb

FortiNDR

FortiSandbox

FortiTester

Threat Lookup

PSIRT

Resources

Refine RESET

PSIRT Advisories

Monthly PSIRT Advisories

Refine
RESET