Fortinet Fortisiemwindowsagent vulnerabilities
3 known vulnerabilities affecting fortinet/fortinet_fortisiemwindowsagent.
Total CVEs
3
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL1HIGH1MEDIUM1
Vulnerabilities
Page 1 of 1
CVE-2021-41022HIGHCVSS 7.8vFortiSIEMWindowsAgent 4.1.4, 4.1.3, 4.1.2, 4.1.1, 4.1.0, 4.0.0, 3.3.0, 3.2.2, 3.2.1, 3.2.0, 3.1.2, 3.1.02021-11-02
CVE-2021-41022 [HIGH] CWE-269 CVE-2021-41022: A improper privilege management in Fortinet FortiSIEM Windows Agent version 4.1.4 and below allows a
A improper privilege management in Fortinet FortiSIEM Windows Agent version 4.1.4 and below allows attacker to execute privileged code or commands via powershell scripts
cvelistv5nvd
CVE-2021-41023MEDIUMCVSS 5.5vFortiSIEMWindowsAgent 4.1.4, 4.1.3, 4.1.2, 4.1.1, 4.1.0, 4.0.0, 3.3.0, 3.2.2, 3.2.1, 3.2.0, 3.1.2, 3.1.02021-11-02
CVE-2021-41023 [MEDIUM] CWE-522 CVE-2021-41023: A unprotected storage of credentials in Fortinet FortiSIEM Windows Agent version 4.1.4 and below all
A unprotected storage of credentials in Fortinet FortiSIEM Windows Agent version 4.1.4 and below allows an authenticated user to disclosure agent password due to plaintext credential storage in log files
cvelistv5nvd
CVE-2020-9292CRITICALCVSS 9.8vFortiSIEMWindowsAgent 3.1.22020-06-04
CVE-2020-9292 [CRITICAL] CVE-2020-9292: An unquoted service path vulnerability in the FortiSIEM Windows Agent component may allow an attacker to gain elevated privileges via the AoWinAgt exe
An unquoted service path vulnerability in the FortiSIEM Windows Agent component may allow an attacker to gain elevated privileges via the AoWinAgt executable service path.
cvelistv5