Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
fortinet fortianalyzer vulnerabilities and exploits
(subscribe to this query)
6.7
CVSSv3
CVE-2023-42788
An improper neutralization of special elements used in an os command ('OS Command Injection') vulnerability [CWE-78] in FortiManager & FortiAnalyzer version 7.4.0, version 7.2.0 up to and including 7.2.3, version 7.0.0 up to and including 7.0.8, version 6.4.0 up to ...
Fortinet Fortimanager
Fortinet Fortianalyzer 7.4.0
Fortinet Fortianalyzer
Fortinet Fortimanager 7.4.0
6.1
CVSSv3
CVE-2018-1355
An open redirect vulnerability in Fortinet FortiManager 6.0.0, 5.6.5 and below versions, FortiAnalyzer 6.0.0, 5.6.5 and below versions allows malicious user to inject script code during converting a HTML table to a PDF document under the FortiView feature. An attacker may be able...
Fortinet Fortimanager 6.0.0
Fortinet Fortianalyzer 6.0.0
Fortinet Fortianalyzer
Fortinet Fortimanager
7.1
CVSSv3
CVE-2023-41838
An improper neutralization of special elements used in an os command ('os command injection') in FortiManager 7.4.0 and 7.2.0 up to and including 7.2.3 may allow malicious user to execute unauthorized code or commands via FortiManager cli.
Fortinet Fortimanager
Fortinet Fortianalyzer 7.4.0
Fortinet Fortianalyzer
Fortinet Fortimanager 7.4.0
2.7
CVSSv3
CVE-2022-38377
An improper access control vulnerability [CWE-284] in FortiManager 7.2.0, 7.0.0 up to and including 7.0.3, 6.4.0 up to and including 6.4.7, 6.2.0 up to and including 6.2.9, 6.0.0 up to and including 6.0.11 and FortiAnalyzer 7.2.0, 7.0.0 up to and including 7.0.3, 6.4.0 up to and ...
Fortinet Fortimanager
Fortinet Fortianalyzer
Fortinet Fortimanager 7.2.0
Fortinet Fortianalyzer 7.2.0
6.1
CVSSv3
CVE-2017-3126
An Open Redirect vulnerability in Fortinet FortiAnalyzer 5.4.0 up to and including 5.4.2 and FortiManager 5.4.0 up to and including 5.4.2 allows malicious user to execute unauthorized code or commands via the next parameter.
Fortinet Fortianalyzer Firmware 5.4.1
Fortinet Fortianalyzer Firmware 5.4.0
Fortinet Fortianalyzer Firmware 5.4.2
Fortinet Fortimanager Firmware 5.4.1
Fortinet Fortimanager Firmware 5.4.0
Fortinet Fortimanager Firmware 5.4.2
6.1
CVSSv3
CVE-2017-17541
A Cross-site Scripting (XSS) vulnerability in Fortinet FortiManager 6.0.0, 5.6.4 and below versions, FortiAnalyzer 6.0.0, 5.6.4 and below versions allows inject Javascript code and HTML tags through the CN value of CA and CRL certificates via the import CA and CRL certificates fe...
Fortinet Fortianalyzer Firmware
Fortinet Fortianalyzer Firmware 6.0.0
Fortinet Fortimanager Firmware
Fortinet Fortimanager Firmware 6.0.0
NA
CVE-2015-3620
Cross-site scripting (XSS) vulnerability in the advanced dataset reports page in Fortinet FortiAnalyzer 5.0.0 up to and including 5.0.10 and 5.2.0 up to and including 5.2.1 and FortiManager 5.0.3 up to and including 5.0.10 and 5.2.0 up to and including 5.2.1 allows remote malicio...
Fortinet Fortimanager Firmware 5.0.5
Fortinet Fortimanager Firmware 5.0.4
Fortinet Fortimanager Firmware 5.0.6
Fortinet Fortimanager Firmware 5.2.0
Fortinet Fortimanager Firmware 5.0.7
Fortinet Fortimanager Firmware 5.0.10
Fortinet Fortimanager Firmware 5.2.1
Fortinet Fortimanager Firmware 5.0.3
Fortinet Fortimanager Firmware 5.0.8
Fortinet Fortimanager Firmware 5.0.9
Fortinet Fortianalyzer Firmware 5.2.0
Fortinet Fortianalyzer Firmware 5.0.0
Fortinet Fortianalyzer Firmware 5.0.10
Fortinet Fortianalyzer Firmware 5.0.1
Fortinet Fortianalyzer Firmware 5.2.1
7.2
CVSSv3
CVE-2022-27483
A improper neutralization of special elements used in an os command ('os command injection') in Fortinet FortiManager version 7.0.0 up to and including 7.0.3, 6.4.0 up to and including 6.4.7, 6.2.x and 6.0.x and FortiAnalyzer version 7.0.0 up to and including 7.0.3, ver...
Fortinet Fortimanager
Fortinet Fortianalyzer
6.1
CVSSv3
CVE-2020-12811
An improper neutralization of script-related HTML tags in a web page in FortiManager 6.2.0, 6.2.1, 6.2.2, and 6.2.3and FortiAnalyzer 6.2.0, 6.2.1, 6.2.2, and 6.2.3 may allow an malicious user to execute a cross site scripting (XSS) via the Identify Provider name field.
Fortinet Fortianalyzer
Fortinet Fortimanager
4.3
CVSSv3
CVE-2023-36638
An improper privilege management vulnerability [CWE-269] in FortiManager 7.2.0 up to and including 7.2.2, 7.0.0 up to and including 7.0.7, 6.4.0 up to and including 6.4.11, 6.2 all versions, 6.0 all versions and FortiAnalyzer 7.2.0 up to and including 7.2.2, 7.0.0 up to and inclu...
Fortinet Fortimanager
Fortinet Fortianalyzer
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-29824
CVE-2024-30095
CVE-2024-30104
client side
CVE-2024-5840
CVE-2024-34405
unprivileged
wireless
CVE-2024-4577
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »