cve,link,title,description,vendor,products,score,severity,epss,cisa,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2023-27998,https://securityvulnerability.io/vulnerability/CVE-2023-27998,,A lack of custom error pages vulnerability [CWE-756] in FortiPresence versions 1.2.0 through 1.2.1 and all versions of 1.1 and 1.0 may allow an unauthenticated attacker with the ability to navigate to the login GUI to gain sensitive information via navigating to specific HTTP(s) paths.,Fortinet,FortiPresence,5.3,MEDIUM,0.0006900000153109431,false,false,false,false,,false,false,2023-09-13T13:15:00.000Z,0
CVE-2022-41331,https://securityvulnerability.io/vulnerability/CVE-2022-41331,Missing Authentication Vulnerability in FortiPresence Infrastructure Server,"A vulnerability in the FortiPresence infrastructure server allows remote, unauthenticated attackers to exploit the system by sending specifically crafted authentication requests. This issue affects versions of the server prior to 1.2.1, enabling access to sensitive Redis and MongoDB instances without valid authentication. Organizations using affected versions must prioritize patching to mitigate potential risks associated with unauthorized access.",Fortinet,Fortipresence,9.3,CRITICAL,0.0021299999207258224,false,false,false,false,,false,false,2023-04-11T16:06:05.258Z,0
CVE-2020-6641,https://securityvulnerability.io/vulnerability/CVE-2020-6641,,Two authorization bypass through user-controlled key vulnerabilities in the Fortinet FortiPresence 2.1.0 administration interface may allow an attacker to gain access to some user data via portal manager or portal users parameters.,Fortinet,Fortinet Fortipresence,4.3,MEDIUM,0.000539999979082495,false,false,false,false,,false,false,2021-06-02T10:26:11.000Z,0