Filter by Date
- 2021
  - 3 12-2021
Filter by Severity
- 0 Critical
- 0 High
- 3 Medium
- 0 Low
- 0 Informational
Filter by Affected Product
- All
- 3 FortiWeb
- 0 FortiOS
- 0 FortiProxy
- 0 FortiManager
- 0 FortiAnalyzer
- 0 FortiADC
- 0 FortiMail
- 0 FortiSandbox
- 0 FortiClientWindows
- 0 FortiPortal
- 0 FortiWAN
- 0 FortiAuthenticator
- 0 FortiNAC
- 0 FortiSIEM
- 0 FortiClientEMS
- 0 FortiWLC
- 0 FortiClientMac
- 0 FortiAP
- 0 FortiSOAR
- 0 FortiTester
- 0 FortiAP-W2
- 0 FortiSwitch
- 0 FortiWLM
- 0 FortiRecorder
- 0 FortiVoiceEnterprise
- 0 FortiAP-S
- 0 FortiDeceptor
- 0 AscenLink
- 0 FortiAP-U
- 0 FortiClientLinux
- 0 FortiDB
- 0 FortiDDoS
- 0 FortiEDR
- 0 FortiCache
- 0 FortiExtender
- 0 Meru AP
- 0 FortiADCManager
- 0 FortiIsolator
- 0 FortiSIEMWindowsAgent
- 0 FortiTokenAndroid
- 0 FortiTokenIOS
- 0 FortiWAN-Manager
- 0 FSSO Windows CA
- 0 FortiAP-C
- 0 FortiClientAndroid
- 0 FortiClientiOS
- 0 FortiDDoS-CM
- 0 FortiSwitchManager
- 0 FortiWebManager
- 0 Meru Controller
- 0 SSL_VPN
- 0 FSSO (all dist.)
- 0 FSSO Windows DC Agent
- 0 FortiAnalyzer-BigData
- 0 FortiCloud
- 0 FortiDDoS-F
- 0 FortiExplorer Windows
- 0 FortiFone
- 0 FortiGuard
- 0 FortiNDR
- 0 FortiOS-6K7K
- 0 FortiPresence
- 0 FortiSDNConnector
- 0 FortiTokenMobileWP
- 0 FortiVoice

Refine Search

PSIRT Advisories

Monthly PSIRT Advisories

2023: May , Apr , Mar , Feb , Jan
2022: Dec , Nov , Sep , Aug , Jul , Jun , May , Apr , Mar , Feb
2021: Dec , Nov , Oct , Sep , Aug , Jul , Jun , May , Apr , Mar , Feb , Jan
2020: Dec

The following is a list of advisories for issues resolved in Fortinet products. The resolution of such issues is coordinated by the Fortinet Product Security Incident Response Team (PSIRT), a dedicated, global team that manages the receipt, investigation, and public reporting of information about security vulnerabilities and issues related to Fortinet products and services.

For details of how to raise a PSIRT Issue with Fortinet, please see our PSIRT Policy here.

FortiWeb - Reflected cross-site scripting in SAML login

An improper neutralization of input during web page generation vulnerabilityÂ [CWE-79] in FortiWeb may allow an unauthenti...

FortiWeb 6.4.1, 6.4.0

Dec 07, 2021 Severity black-background-circle-icon

Medium IR Number: FG-IR-21-139 CVE-2021-41015

FortiWeb - Stack-based buffer overflow due to type mismatch

A stack-based buffer overflow vulnerability [CWE-121] in FortiWeb may allow an authenticated attacker to execute unauthori...

FortiWeb 6.4.1, 6.4.0

Dec 07, 2021 Severity black-background-circle-icon

Medium IR Number: FG-IR-21-134 CVE-2021-41027

FortiWeb - Unauthorized user is granted access to the Reports available in the Log & Report section

An improper access control vulnerability [CWE-284] in the Report Browse section of FortiWeb's Log & Report may allow an un...

FortiWeb 6.4.1, 6.4.0, 6.3.9, 6.3.8, 6.3.7, 6.3.6, 6.3.5, 6.3.4, 6.3.3, 6.3.2, 6.3.15, 6.3.14, 6.3.13, 6.3.12, 6.3.11, 6.3.10, 6.3.1, 6.3.0

Dec 07, 2021 Severity black-background-circle-icon

Medium IR Number: FG-IR-21-138 CVE-2021-41013

Network

Files and Endpoint

Application

Additional SOC Services

Refine
RESET

PSIRT Advisories

Monthly PSIRT Advisories

News / Research

Network

Files and Endpoint

Application

Additional SOC Services

FortiGate

FortiDeceptor

FortiClient

FortiMail

FortiEDR

FortiADC

FortiAnalyzer

FortiCWP

FortiWeb

FortiNDR

FortiSandBox

FortiTester

Threat Lookup

PSIRT

Resources

Refine RESET

PSIRT Advisories

Monthly PSIRT Advisories

Refine
RESET