Fortinet FortiAuthenticator 6.1.0
Approved changes feed: RSS · Atom
cpe:2.3:a:fortinet:fortiauthenticator:6.1.0:*:*:*:*:*:*:*
part: a version: 6.1.0 update: *
| Vendor | Fortinet (2b06c5e0-0a17-54f4-810a-5ef236d51947) |
|---|---|
| Product | Fortiauthenticator (c9e59448-899d-59b8-be98-875d13278b33) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from NVD CPE 2.0 feed |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2022-23439 |
vulnerable | 2026-06-03 14:46:27.347346 |
Details available
MEDIUM (4.1)
A externally controlled reference to a resource in another sphere vulnerability in Fortinet allows attacker to poison web caches via crafted HTTP requests, where the `Host` header points to an arbitrary webserver
Published: 2025-01-22T09:10:28.669Z
Updated: 2026-01-14T13:06:07.365Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2022-22302 |
vulnerable | 2026-06-03 14:46:18.757108 |
Details available
MEDIUM (5.3)
A clear text storage of sensitive information (CWE-312) vulnerability in both FortiGate version 6.4.0 through 6.4.1, 6.2.0 through 6.2.9 and 6.0.0 through 6.0.13 and FortiAuthenticator version 5.5.0 and all versions of 6.1 and 6.0 may allow a local unauthorized party to retrieve the Fortinet private keys used to establish secure communication with both Apple Push Notification and Google Cloud Messaging services, via accessing the files on the filesystem.
Published: 2023-07-11T08:54:00.679Z
Updated: 2024-10-23T14:25:36.732Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2021-43067 |
vulnerable | 2026-06-03 14:45:28.013279 |
Details available
HIGH (8.3)
A exposure of sensitive information to an unauthorized actor in Fortinet FortiAuthenticator version 6.4.0, version 6.3.2 and below, version 6.2.1 and below, version 6.1.2 and below, version 6.0.7 to 6.0.1 allows attacker to duplicate a target LDAP user 2 factors authentication token via crafted HTTP requests.
Published: 2021-12-08T11:22:39.000Z
Updated: 2024-10-25T13:42:16.266Z Reference links |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.