Fortinet Fortisoar Vulnerabilities

OS Command Injection Vulnerability in Fortinet's FortiSOAR Affects Multiple Versions

CVE-2024-48891

FortinetFortisoar On-premise6.6MEDIUM

Relative Path Traversal Vulnerability in FortiSOAR by Fortinet

CVE-2024-48892

FortinetFortisoar4.9MEDIUM

Cross-Site Scripting Vulnerability in FortiSOAR by Fortinet

CVE-2025-32932

FortinetFortisoar5.4MEDIUM

Code Injection Vulnerability in FortiSOAR by Fortinet

CVE-2024-21760

FortinetFortisoar7.7HIGH

External Resource Referencing Vulnerability in Fortinet Products

CVE-2022-23439

FortinetFortitester6.1MEDIUM

Observable Response Discrepancy Vulnerability in Fortinet Products

CVE-2024-36510

FortinetForticlientems5.3MEDIUM

Improper Neutralization in Fortinet FortiSOAR Product for CSV File Handling

CVE-2024-47572

FortinetFortisoar8HIGH

OS Command Injection in FortiSOAR IMAP Connector by Fortinet

CVE-2024-48890

FortinetFortisoar8.8HIGH

Brute Force Attack Through Change Password Endpoint

CVE-2024-45327

FortinetFortisoar7.5HIGH

Arbitrary Web Script or HTML Injection in FortiSOAR 7.3.0-7.3.2

CVE-2023-26211

FortinetFortisoar9CRITICAL

Unauthorized Code Execution via SQL Injection in FortiSOAR

CVE-2023-23775

FortinetFortisoar8.8HIGH

Plain-text Connector Passwords Vulnerability

CVE-2024-31493

FortinetFortisoar6.5MEDIUM

Remote Code Execution in Fortinet FortiSOAR by Authenticated Attackers

CVE-2023-27995

FortinetFortisoar7.2HIGH

Improper Access Control Flaw in Fortinet FortiSOAR Product

CVE-2023-25605

FortinetFortisoar7.5HIGH

Web Application Security Flaw in FortiSOAR by Fortinet

CVE-2022-38379

FortinetFortisoar3.4LOW

Missing Authentication Vulnerability in Fortinet FortiSOAR Products

CVE-2022-42473

FortinetFortinet Fortisoar5.3MEDIUM

OS Command Injection Vulnerability in Fortinet FortiSOAR

CVE-2022-29061

FortinetFortinet Fortisoar7.2HIGH

Improper Neutralization in FortiSOAR Management Interface

CVE-2022-35847

FortinetFortinet Fortisoar6.3MEDIUM

Improper Privilege Management in Fortinet FortiSOAR

CVE-2022-30298

FortinetFortinet Fortisoar7HIGH

Path Traversal Vulnerabilities in Fortinet FortiSOAR Software

CVE-2022-29062

FortinetFortinet Fortisoar6.3MEDIUM

Improper Access Control in Fortinet FortiSOAR Affects Gateway API Data

CVE-2022-23443

FortinetFortinet Fortisoar7.5HIGH

Fortinet Fortisoar Vulnerabilities

Vulnerability Published:

Sort By:

14 October 2025

OS Command Injection Vulnerability in Fortinet's FortiSOAR Affects Multiple Versions

12 August 2025

Relative Path Traversal Vulnerability in FortiSOAR by Fortinet

Cross-Site Scripting Vulnerability in FortiSOAR by Fortinet

18 March 2025

Code Injection Vulnerability in FortiSOAR by Fortinet

22 January 2025

External Resource Referencing Vulnerability in Fortinet Products

14 January 2025

Observable Response Discrepancy Vulnerability in Fortinet Products

Improper Neutralization in Fortinet FortiSOAR Product for CSV File Handling

OS Command Injection in FortiSOAR IMAP Connector by Fortinet

11 September 2024

Brute Force Attack Through Change Password Endpoint

13 August 2024

Arbitrary Web Script or HTML Injection in FortiSOAR 7.3.0-7.3.2

11 June 2024

Unauthorized Code Execution via SQL Injection in FortiSOAR

3 June 2024

Plain-text Connector Passwords Vulnerability

11 April 2023

Remote Code Execution in Fortinet FortiSOAR by Authenticated Attackers

7 March 2023

Improper Access Control Flaw in Fortinet FortiSOAR Product

6 December 2022

Web Application Security Flaw in FortiSOAR by Fortinet

2 November 2022

Missing Authentication Vulnerability in Fortinet FortiSOAR Products

9 September 2022

OS Command Injection Vulnerability in Fortinet FortiSOAR

6 September 2022

Improper Neutralization in FortiSOAR Management Interface

Improper Privilege Management in Fortinet FortiSOAR

Path Traversal Vulnerabilities in Fortinet FortiSOAR Software

4 May 2022

Improper Access Control in Fortinet FortiSOAR Affects Gateway API Data