- Filter by Date
- Filter by Severity
-
Filter by Affected Product
- All
- 9 FortiWLM
- 2 FortiADC
- 2 FortiWebManager
- 1 FortiOS
- 1 FortiManager
- 1 FortiAnalyzer
- 1 FortiWeb
- 1 FortiSandbox
- 1 FortiPortal
- 1 FortiWAN
- 1 FortiAuthenticator
- 1 FortiWLC
- 1 FortiAP
- 1 FortiVoiceEnterprise
- 1 AscenLink
- 1 FortiDDoS
- 1 FortiCache
- 1 FortiWAN-Manager
- 1 Meru Controller
- 1 FortiDDoS-F
- 0 FortiProxy
- 0 FortiMail
- 0 FortiClientWindows
- 0 FortiNAC
- 0 FortiSIEM
- 0 FortiClientEMS
- 0 FortiClientMac
- 0 FortiSOAR
- 0 FortiTester
- 0 FortiAP-W2
- 0 FortiSwitch
- 0 FortiRecorder
- 0 FortiAP-S
- 0 FortiDeceptor
- 0 FortiAP-U
- 0 FortiClientLinux
- 0 FortiDB
- 0 FortiEDR
- 0 FortiExtender
- 0 Meru AP
- 0 FortiADCManager
- 0 FortiIsolator
- 0 FortiSIEMWindowsAgent
- 0 FortiTokenAndroid
- 0 FortiTokenIOS
- 0 FSSO Windows CA
- 0 FortiAP-C
- 0 FortiClientAndroid
- 0 FortiClientiOS
- 0 FortiDDoS-CM
- 0 FortiSwitchManager
- 0 SSL_VPN
- 0 FSSO (all dist.)
- 0 FSSO Windows DC Agent
- 0 FortiAnalyzer-BigData
- 0 FortiCloud
- 0 FortiExplorer Windows
- 0 FortiFone
- 0 FortiGuard
- 0 FortiNDR
- 0 FortiOS-6K7K
- 0 FortiPresence
- 0 FortiSDNConnector
- 0 FortiTokenMobileWP
- 0 FortiVoice
September
(1)
Refine Search
PSIRT Advisories
Monthly PSIRT Advisories
- 2023: May , Apr , Mar , Feb , Jan
- 2022: Dec , Nov , Sep , Aug , Jul , Jun , May , Apr , Mar , Feb
- 2021: Dec , Nov , Oct , Sep , Aug , Jul , Jun , May , Apr , Mar , Feb , Jan
- 2020: Dec
The following is a list of advisories for issues resolved in Fortinet products. The resolution of such issues is coordinated by the Fortinet Product Security Incident Response Team (PSIRT), a dedicated, global team that manages the receipt, investigation, and public reporting of information about security vulnerabilities and issues related to Fortinet products and services.
For details of how to raise a PSIRT Issue with Fortinet, please see our PSIRT Policy here.
An improper privilege management vulnerability [CWE-269] in FortiADC may allow a remote authenticated attacker with restri...
FortiADC
6.2.1, 6.2.0, 6.1.5, 6.1.4, 6.1.3, 6.1.2, 6.1.1, 6.1.0, 6.0.4, 6.0.3, 6.0.2, 6.0.1, 6.0.0, 5.4.5, 5.4.4, 5.4.3, 5.4.2, 5.4.1, 5.4.0, 5.3.7, 5.3.6, 5.3.5, 5.3.4, 5.3.3, 5.3.2, 5.3.1, 5.3.0
FortiDDoS-F
6.3.0
Sep 06, 2022
Severity
Medium
IR Number: FG-IR-21-215
CVE-2021-43076
Multiple relative path traversal vulnerabilities [CWE-23] in FortiWLM management interface may allow an authenticated atta...
FortiWLM
8.6.2, 8.6.1, 8.6.0, 8.5.4, 8.5.3, 8.5.2, 8.5.1, 8.5.0, 8.4.2, 8.4.1, 8.4.0, 8.3.2, 8.3.1, 8.3.0, 8.2.2
Mar 01, 2022
Severity
Medium
IR Number: FG-IR-21-106
CVE-2021-43070
An improper neutralization of special elements used in an SQL command ('SQL Injection') vulnerability [CWE-89] in FortiWLM...
FortiWLM
8.6.2, 8.6.1, 8.6.0, 8.5.3, 8.5.2, 8.5.1, 8.5.0, 8.4.2, 8.4.1, 8.4.0, 8.3.2, 8.3.1, 8.3.0, 8.2.2
Mar 01, 2022
Severity
High
IR Number: FG-IR-21-189
CVE-2021-43077
An improper neutralization of special elements used in an OS command ('OS Command Injection') [CWE-78] vulnerability in Fo...
FortiWLM
8.6.2, 8.6.1, 8.6.0, 8.5.3, 8.5.2, 8.5.1, 8.5.0, 8.4.2, 8.4.1, 8.4.0, 8.3.2, 8.3.1, 8.3.0, 8.2.2
Mar 01, 2022
Severity
High
IR Number: FG-IR-21-128
CVE-2021-43075
An improper neutralization of special elements used in an SQL Command ('SQL Injection') vulnerability [CWE-89] in FortiWLM...
FortiWLM
8.6.1, 8.6.0, 8.5.3, 8.5.2, 8.5.1, 8.5.0, 8.4.2, 8.4.1, 8.4.0, 8.3.2, 8.3.1, 8.3.0, 8.2.2
Dec 07, 2021
Severity
High
IR Number: FG-IR-21-129
CVE-2021-42760
An improper neutralization of input during web page generation ('Cross-site Scripting') vulnerability [CWE-79] in FortiWL...
FortiWLM
8.6.2, 8.6.1, 8.6.0, 8.5.4, 8.5.3, 8.5.2, 8.5.1, 8.5.0, 8.4.2, 8.4.1, 8.4.0, 8.3.2, 8.3.1, 8.3.0, 8.2.2
Dec 07, 2021
Severity
Medium
IR Number: FG-IR-21-111
CVE-2021-42752
An improper neutralization of input during web page generation vulnerability ('Cross-site Scripting') [CWE-79] in FortiWLM...
FortiWLM
8.6.1, 8.6.0, 8.5.4, 8.5.3, 8.5.2, 8.5.1, 8.5.0, 8.4.2, 8.4.1, 8.4.0, 8.3.2, 8.3.1, 8.3.0, 8.2.2
Dec 07, 2021
Severity
Medium
IR Number: FG-IR-21-114
CVE-2021-41029
An improper neutralization of special elements used in an OS command vulnerability ('OS Command Injection') [CWE-78] in Fo...
FortiWLM
8.6.1, 8.6.0, 8.5.3, 8.5.2, 8.5.1, 8.5.0, 8.4.2, 8.4.1, 8.4.0, 8.3.2, 8.3.1, 8.3.0, 8.2.2
Nov 02, 2021
Severity
High
IR Number: FG-IR-21-110
CVE-2021-36185
An improper neutralization of special elements [CWE-79] used in an SQL command vulnerability ('SQL Injection') [CWE-89] ...
FortiWLM
8.6.1, 8.6.0, 8.5.3, 8.5.2, 8.5.1, 8.5.0, 8.4.2, 8.4.1, 8.4.0, 8.3.2, 8.3.1, 8.3.0, 8.2.2
Nov 02, 2021
Severity
High
IR Number: FG-IR-21-107
CVE-2021-36184
An improper neutralization of input vulnerability [CWE-79] in FortiWebManager may allow a remote authenticated attacker to...
Multiple Fortinet products may be affected by the following Linux Kernel vulnerability:CVE-2016-10229 Linux Kernel ipv4/ud...
FortiManager
5.4.2
FortiAP
5.6.0, 5.4.2
FortiSandbox
3.0.7, 3.0.6, 3.0.5, 3.0.4
FortiAnalyzer
5.4.2
FortiWeb
5.7.3, 5.7.2
FortiADC
4.8.0
Meru Controller
8.4.5, 8.4.4
FortiWAN-Manager
4.3.0
FortiWAN
4.3.1
FortiPortal
5.0.3, 5.0.2, 5.0.1, 5.0.0, 4.2.2, 4.2.1, 4.2.0, 4.1.2, 4.1.1, 4.1.0, 4.0.4, 4.0.3, 4.0.2, 4.0.1, 4.0.0, 3.2.2, 3.2.1, 3.2.0
FortiWebManager
6.0.0
FortiDDoS
4.3.2, 4.3.1
FortiOS
5.6.0, 5.4.9, 5.4.8, 5.4.7, 5.4.6, 5.4.5, 5.4.4, 5.4.3, 5.4.2, 5.4.13, 5.4.12, 5.4.11, 5.4.10, 5.4.1, 5.4.0
FortiAuthenticator
5.0.0
FortiCache
4.2.2
FortiVoiceEnterprise
5.3.6
AscenLink
7.2.19
FortiWLM
8.4.0
FortiWLC
8.4.8, 8.4.7, 8.4.6, 8.4.5, 8.4.4, 8.4.2
Jul 24, 2019
Severity
High
IR Number: FG-IR-17-118
CVE-2016-10229