Known vulnerabilities in Fortinet, Inc FortiPAM

Vendor: Fortinet, Inc
Website: https://www.fortinet.com/
Total Security Bulletins: 21

Security bulletins (21)

Secuity bulletin Severity Status Published
SB2025120983: REST API key disclosure in Fortinet products Low
Patched
09.12.2025
SB2025111878: Cleartext storage of sensitive information in memory in FortiPAM Low
Patched
18.11.2025
SB2025111873: Improper privilege management in Fortinet products Low
Patched
18.11.2025
SB2025101574: Weak authentication in FortiPAM and FortiSwitch Manager Medium
Patched
15.10.2025
SB2025101507: Insertion of Sensitive Information Into Sent Data in Fortinet products Low
Patched
15.10.2025
SB2025101503: Heap-based buffer overflow in Fortinet products Low
Patched
15.10.2025
SB20251014108: Heap-based buffer overflow in Fortinet products Medium
Patched
14.10.2025
SB20251014102: Improper Check or Handling of Exceptional Conditions in Fortinet products Medium
Patched
14.10.2025
SB2025081299: Integer overflow in Fortinet products Low
Patched
12.08.2025
SB2025081297: Authentication bypass using an alternate path or channel in Fortinet products High
Patched
12.08.2025
SB2025081281: Double free in Fortinet products Low
Patched
12.08.2025
SB2025061117: Improper handling of insufficient permissions or privileges in FortiPAM and FortiSRA Low
Patched
11.06.2025
SB2025031209: Privilege escalation in FortiPAM Low
Patched
12.03.2025
SB2025021208: Privilege escalation in FortiPAM CLI Low
Patched
12.02.2025
SB20241112155: Improper authentication in FortiPAM fgfmd Medium
Patched
12.11.2024
SB2024081474: Insufficient session expiration in Fortinet products Low
Patched
14.08.2024
SB20240611274: Buffer overflow in fgfmd daemon for FortiOS, FortiProxy, FortiPAM and FortiSwitch Manager Medium
Patched
11.06.2024
SB2024052014: Format string errors in several Fortinet products Low
Patched
20.05.2024
SB2024010976: Denial of service in FortiPAM Low
Patched
09.01.2024
SB2023121477: Double free error in FortiOS and FortiPAM HTTPSd daemon Medium
Patched
14.12.2023
SB2023121476: Format string errors in HTTPSd in Fortinet products Medium
Patched
14.12.2023