fortinet fortianalyzer vulnerabilities and exploits
1000
VMScore
CVE-2016-1909
Fortinet FortiAnalyzer prior to 5.0.12 and 5.2.x prior to 5.2.5; FortiSwitch 3.3.x prior to 3.3.3; FortiCache 3.0.x prior to 3.0.8; and FortiOS 4.1.x prior to 4.1.11, 4.2.x prior to 4.2.16, 4.3.x prior to 4.3.17 and 5.0.x prior to 5.0.8 have a hardcoded passphrase for the Fortima...
Fortinet Fortios 5.0.2
Fortinet Fortios 5.0.6
Fortinet Fortios 5.0.7
Fortinet Fortios 5.0
Fortinet Fortios 5.0.1
Fortinet Fortios
Fortinet Fortios 5.0.3
Fortinet Fortios 5.0.4
Fortinet Fortios 5.0.5
Fortinet Fortios 5.0.0
1 EDB exploit
685
VMScore
CVE-2013-6826
cgi-bin/module//sysmanager/admin/SYSAdminUserDialog in Fortinet FortiAnalyzer prior to 5.0.5 does not properly validate the csrf_token parameter, which allows remote malicious users to perform cross-site request forgery (CSRF) attacks.
Fortinet Fortianalyzer Firmware
Fortinet Fortianalyzer-2000b -
Fortinet Fortianalyzer-200d -
Fortinet Fortianalyzer-4000b -
Fortinet Fortianalyzer-3000d -
Fortinet Fortianalyzer-1000d -
Fortinet Fortianalyzer-300d -
1 EDB exploit
641
VMScore
CVE-2021-26104
Multiple OS command injection (CWE-78) vulnerabilities in the command line interface of FortiManager 6.2.7 and below, 6.4.5 and below and all versions of 6.2.x, 6.0.x and 5.6.x, FortiAnalyzer 6.2.7 and below, 6.4.5 and below and all versions of 6.2.x, 6.0.x and 5.6.x, and FortiPo...
Fortinet Fortimanager
Fortinet Fortianalyzer
Fortinet Fortiportal
580
VMScore
CVE-2022-22300
An improper handling of insufficient permissions or privileges in Fortinet FortiAnalyzer version 5.6.0 up to and including 5.6.11, FortiAnalyzer version 6.0.0 up to and including 6.0.11, FortiAnalyzer version 6.2.0 up to and including 6.2.9, FortiAnalyzer version 6.4.0 up to and i...
Fortinet Fortimanager
Fortinet Fortianalyzer
578
VMScore
CVE-2020-12817
An improper neutralization of input vulnerability in FortiAnalyzer prior to 6.4.1 and 6.2.5 may allow a remote authenticated malicious user to inject script related HTML tags via Name parameter of Storage Connectors.
Fortinet Fortianalyzer 6.2.5
Fortinet Fortianalyzer 6.4.0
Fortinet Fortianalyzer 6.4.1
Fortinet Fortitester
Fortinet Fortitester 3.8.0
516
VMScore
CVE-2018-1355
An open redirect vulnerability in Fortinet FortiManager 6.0.0, 5.6.5 and below versions, FortiAnalyzer 6.0.0, 5.6.5 and below versions allows a malicious user to inject script code while converting an HTML table to a PDF document under the FortiView feature. An attacker may be able...
Fortinet Fortianalyzer
Fortinet Fortimanager
Fortinet Fortianalyzer 6.0.0
Fortinet Fortimanager 6.0.0
516
VMScore
CVE-2017-3126
An Open Redirect vulnerability in Fortinet FortiAnalyzer 5.4.0 up to and including 5.4.2 and FortiManager 5.4.0 up to and including 5.4.2 allows a malicious user to execute unauthorized code or commands via the next parameter.
Fortinet Fortianalyzer Firmware 5.4.1
Fortinet Fortianalyzer Firmware 5.4.2
Fortinet Fortianalyzer Firmware 5.4.0
Fortinet Fortimanager Firmware 5.4.1
Fortinet Fortimanager Firmware 5.4.2
Fortinet Fortimanager Firmware 5.4.0
445
VMScore
CVE-2020-9289
Use of a hard-coded cryptographic key to encrypt password data in CLI configuration in FortiManager 6.2.3 and below, FortiAnalyzer 6.2.3 and below may allow an attacker with access to the CLI configuration or the CLI backup file to decrypt the sensitive data, via knowledge of the...
Fortinet Fortimanager
Fortinet Fortianalyzer
1 GitHub repository
445
VMScore
CVE-2019-17657
An Uncontrolled Resource Consumption vulnerability in Fortinet FortiSwitch below 3.6.11, 6.0.6 and 6.2.2, FortiAnalyzer below 6.2.3, FortiManager below 6.2.3 and FortiAP-S/W2 below 6.2.2 may allow a malicious user to cause admin webUI denial of service (DoS) via handling special...
Fortinet Fortianalyzer
Fortinet Fortiap-s
Fortinet Fortiap-w2
Fortinet Fortimanager
Fortinet Fortiswitch
445
VMScore
CVE-2017-7338
A password management vulnerability in Fortinet FortiPortal versions 4.0.0 and below allows a malicious user to carry out information disclosure via the FortiAnalyzer Management View.
Fortinet Fortiportal