Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
fortinet fortianalyzer vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2013-6826
cgi-bin/module//sysmanager/admin/SYSAdminUserDialog in Fortinet FortiAnalyzer prior to 5.0.5 does not properly validate the csrf_token parameter, which allows remote malicious users to perform cross-site request forgery (CSRF) attacks.
Fortinet Fortianalyzer Firmware
Fortinet Fortianalyzer-1000d -
Fortinet Fortianalyzer-2000b -
Fortinet Fortianalyzer-200d -
Fortinet Fortianalyzer-3000d -
Fortinet Fortianalyzer-300d -
Fortinet Fortianalyzer-4000b -
1 EDB exploit
6.1
CVSSv3
CVE-2022-30304
An improper neutralization of input during web page generation vulnerability [CWE-79] in FortiAnalyzer versions before 7.2.1, 7.0.4 and 6.4.8 may allow a remote unauthenticated malicious user to perform a stored cross site scripting (XSS) attack via the URL parameter observed in ...
Fortinet Fortianalyzer
Fortinet Fortianalyzer 7.2.0
Fortinet Fortianalyzer 7.2.1
5.4
CVSSv3
CVE-2015-7363
Cross-site scripting (XSS) vulnerability in the advanced settings page in Fortinet FortiManager 5.x prior to 5.0.12 and 5.2.x prior to 5.2.3, in hardware models with a hard disk, and FortiAnalyzer 5.x prior to 5.0.13 and 5.2.x prior to 5.2.3 allows remote administrators to inject...
Fortinet Fortimanager Firmware 5.0.0
Fortinet Fortimanager Firmware 5.0.1
Fortinet Fortimanager Firmware 5.0.2
Fortinet Fortimanager Firmware 5.0.3
Fortinet Fortimanager Firmware 5.0.4
Fortinet Fortimanager Firmware 5.0.5
Fortinet Fortimanager Firmware 5.0.6
Fortinet Fortimanager Firmware 5.0.7
Fortinet Fortimanager Firmware 5.0.8
Fortinet Fortimanager Firmware 5.0.9
Fortinet Fortimanager Firmware 5.0.10
Fortinet Fortimanager Firmware 5.0.11
Fortinet Fortimanager Firmware 5.2.0
Fortinet Fortimanager Firmware 5.2.1
Fortinet Fortianalyzer Firmware 5.0.0
Fortinet Fortianalyzer Firmware 5.0.1
Fortinet Fortianalyzer Firmware 5.0.2
Fortinet Fortianalyzer Firmware 5.0.3
Fortinet Fortianalyzer Firmware 5.0.4
Fortinet Fortianalyzer Firmware 5.0.5
Fortinet Fortianalyzer Firmware 5.0.6
Fortinet Fortianalyzer Firmware 5.0.7
6.7
CVSSv3
CVE-2023-41842
A use of externally-controlled format string vulnerability [CWE-134] in Fortinet FortiManager version 7.4.0 up to and including 7.4.1, version 7.2.0 up to and including 7.2.3 and prior to 7.0.10, Fortinet FortiAnalyzer version 7.4.0 up to and including 7.4.1, version 7.2.0 up to ...
Fortinet Fortianalyzer
Fortinet Fortimanager
Fortinet Fortianalyzer Bigdata
Fortinet Fortianalyzer Bigdata 6.2.5
Fortinet Fortiportal
5.4
CVSSv3
CVE-2016-3193
Cross-site scripting (XSS) vulnerability in the appliance web-application in Fortinet FortiManager 5.x prior to 5.0.12, 5.2.x prior to 5.2.6, and 5.4.x prior to 5.4.1 and FortiAnalyzer 5.x prior to 5.0.13, 5.2.x prior to 5.2.6, and 5.4.x prior to 5.4.1 allows remote authenticated...
Fortinet Fortimanager Firmware 5.0.11
Fortinet Fortimanager Firmware 5.2.3
Fortinet Fortimanager Firmware 5.0.5
Fortinet Fortimanager Firmware 5.2.2
Fortinet Fortimanager Firmware 5.0.4
Fortinet Fortimanager Firmware 5.0.1
Fortinet Fortimanager Firmware 5.0.6
Fortinet Fortimanager Firmware 5.0.0
Fortinet Fortimanager Firmware 5.2.0
Fortinet Fortimanager Firmware 5.0.7
Fortinet Fortimanager Firmware 5.4.0
Fortinet Fortimanager Firmware 5.0.10
Fortinet Fortimanager Firmware 5.2.1
Fortinet Fortimanager Firmware 5.0.3
Fortinet Fortimanager Firmware 5.2.4
Fortinet Fortimanager Firmware 5.0.8
Fortinet Fortimanager Firmware 5.0.9
Fortinet Fortimanager Firmware 5.2.5
Fortinet Fortimanager Firmware 5.0.2
Fortinet Fortianalyzer Firmware 5.0.2
Fortinet Fortianalyzer Firmware 5.0.5
Fortinet Fortianalyzer Firmware 5.2.3
6.1
CVSSv3
CVE-2016-3194
Cross-site scripting (XSS) vulnerability in the address added page in Fortinet FortiManager 5.x prior to 5.0.12 and 5.2.x prior to 5.2.6 and FortiAnalyzer 5.x prior to 5.0.13 and 5.2.x prior to 5.2.6 allows remote malicious users to inject arbitrary web script or HTML via unspeci...
Fortinet Fortimanager Firmware 5.0.11
Fortinet Fortimanager Firmware 5.2.3
Fortinet Fortimanager Firmware 5.0.5
Fortinet Fortimanager Firmware 5.2.2
Fortinet Fortimanager Firmware 5.0.4
Fortinet Fortimanager Firmware 5.0.1
Fortinet Fortimanager Firmware 5.0.6
Fortinet Fortimanager Firmware 5.0.0
Fortinet Fortimanager Firmware 5.2.0
Fortinet Fortimanager Firmware 5.0.7
Fortinet Fortimanager Firmware 5.0.10
Fortinet Fortimanager Firmware 5.2.1
Fortinet Fortimanager Firmware 5.0.3
Fortinet Fortimanager Firmware 5.2.4
Fortinet Fortimanager Firmware 5.0.8
Fortinet Fortimanager Firmware 5.0.9
Fortinet Fortimanager Firmware 5.2.5
Fortinet Fortimanager Firmware 5.0.2
Fortinet Fortianalyzer Firmware 5.0.2
Fortinet Fortianalyzer Firmware 5.0.5
Fortinet Fortianalyzer Firmware 5.2.3
Fortinet Fortianalyzer Firmware 5.2.4
6.1
CVSSv3
CVE-2016-3195
Cross-site scripting (XSS) vulnerability in the Web-UI in Fortinet FortiManager 5.x prior to 5.0.12 and 5.2.x prior to 5.2.6 and FortiAnalyzer 5.x prior to 5.0.13 and 5.2.x prior to 5.2.6 allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors...
Fortinet Fortimanager Firmware 5.0.11
Fortinet Fortimanager Firmware 5.2.3
Fortinet Fortimanager Firmware 5.0.5
Fortinet Fortimanager Firmware 5.2.2
Fortinet Fortimanager Firmware 5.0.4
Fortinet Fortimanager Firmware 5.0.1
Fortinet Fortimanager Firmware 5.0.6
Fortinet Fortimanager Firmware 5.0.0
Fortinet Fortimanager Firmware 5.2.0
Fortinet Fortimanager Firmware 5.0.7
Fortinet Fortimanager Firmware 5.0.10
Fortinet Fortimanager Firmware 5.2.1
Fortinet Fortimanager Firmware 5.0.3
Fortinet Fortimanager Firmware 5.2.4
Fortinet Fortimanager Firmware 5.0.8
Fortinet Fortimanager Firmware 5.0.9
Fortinet Fortimanager Firmware 5.2.5
Fortinet Fortimanager Firmware 5.0.2
Fortinet Fortianalyzer Firmware 5.0.2
Fortinet Fortianalyzer Firmware 5.0.5
Fortinet Fortianalyzer Firmware 5.2.3
Fortinet Fortianalyzer Firmware 5.2.4
8.8
CVSSv3
CVE-2020-12817
An improper neutralization of input vulnerability in FortiAnalyzer prior to 6.4.1 and 6.2.5 may allow a remote authenticated malicious user to inject script related HTML tags via Name parameter of Storage Connectors.
Fortinet Fortitester
Fortinet Fortitester 3.8.0
Fortinet Fortianalyzer 6.2.5
Fortinet Fortianalyzer 6.4.1
Fortinet Fortianalyzer 6.4.0
6.5
CVSSv3
CVE-2023-25609
A server-side request forgery (SSRF) vulnerability [CWE-918] in FortiManager and FortiAnalyzer GUI 7.2.0 up to and including 7.2.1, 7.0.0 up to and including 7.0.6, 6.4.8 up to and including 6.4.11 may allow a remote and authenticated malicious user to access unauthorized files a...
Fortinet Fortimanager 7.2.0
Fortinet Fortianalyzer 7.2.0
Fortinet Fortianalyzer 7.2.1
Fortinet Fortimanager 7.2.1
Fortinet Fortimanager
Fortinet Fortianalyzer
5
CVSSv3
CVE-2023-44253
An exposure of sensitive information to an unauthorized actor vulnerability [CWE-200] in Fortinet FortiManager version 7.4.0 up to and including 7.4.1 and prior to 7.2.5, FortiAnalyzer version 7.4.0 up to and including 7.4.1 and prior to 7.2.5 and FortiAnalyzer-BigData prior to 7...
Fortinet Fortianalyzer
Fortinet Fortimanager
Fortinet Fortianalyzer 7.4.0
Fortinet Fortimanager 7.4.0
Fortinet Fortimanager 7.4.1
Fortinet Fortianalyzer 7.4.1
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
SSRF
server-side request forgery
CVE-2024-30067
CVE-2024-5553
CVE-2024-30095
IDOR
CVE-2024-35252
CVE-2024-23692
CVE-2024-27801
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »