Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
fortinet fortianalyzer vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-40719
A use of hard-coded credentials vulnerability in Fortinet FortiAnalyzer and FortiManager 7.0.0 - 7.0.8, 7.2.0 - 7.2.3 and 7.4.0 allows an malicious user to access Fortinet private testing data via the use of static credentials.
Fortinet Fortianalyzer 7.4.0
Fortinet Fortianalyzer
Fortinet Fortimanager 7.4.0
Fortinet Fortimanager
NA
CVE-2022-38377
An improper access control vulnerability [CWE-284] in FortiManager 7.2.0, 7.0.0 up to and including 7.0.3, 6.4.0 up to and including 6.4.7, 6.2.0 up to and including 6.2.9, 6.0.0 up to and including 6.0.11 and FortiAnalyzer 7.2.0, 7.0.0 up to and including 7.0.3, 6.4.0 up to and ...
Fortinet Fortimanager
Fortinet Fortianalyzer
Fortinet Fortimanager 7.2.0
Fortinet Fortianalyzer 7.2.0
NA
CVE-2023-25607
An improper neutralization of special elements used in an OS Command ('OS Command Injection') vulnerability [CWE-78 ] in FortiManager 7.2.0 up to and including 7.2.2, 7.0.0 up to and including 7.0.7, 6.4.0 up to and including 6.4.11, 6.2 all versions, 6.0 all versions, ...
Fortinet Fortiadc
Fortinet Fortiadc 7.1.0
Fortinet Fortimanager 7.2.0
Fortinet Fortianalyzer
Fortinet Fortianalyzer 7.2.1
Fortinet Fortimanager 7.2.1
Fortinet Fortimanager
Fortinet Fortianalyzer 7.2.2
Fortinet Fortimanager 7.2.2
516
VMScore
CVE-2017-3126
An Open Redirect vulnerability in Fortinet FortiAnalyzer 5.4.0 up to and including 5.4.2 and FortiManager 5.4.0 up to and including 5.4.2 allows malicious user to execute unauthorized code or commands via the next parameter.
Fortinet Fortianalyzer Firmware 5.4.1
Fortinet Fortianalyzer Firmware 5.4.2
Fortinet Fortianalyzer Firmware 5.4.0
Fortinet Fortimanager Firmware 5.4.1
Fortinet Fortimanager Firmware 5.4.2
Fortinet Fortimanager Firmware 5.4.0
383
VMScore
CVE-2017-17541
A Cross-site Scripting (XSS) vulnerability in Fortinet FortiManager 6.0.0, 5.6.4 and below versions, FortiAnalyzer 6.0.0, 5.6.4 and below versions allows inject Javascript code and HTML tags through the CN value of CA and CRL certificates via the import CA and CRL certificates fe...
Fortinet Fortimanager Firmware 6.0.0
Fortinet Fortianalyzer Firmware
Fortinet Fortimanager Firmware
Fortinet Fortianalyzer Firmware 6.0.0
383
VMScore
CVE-2015-3620
Cross-site scripting (XSS) vulnerability in the advanced dataset reports page in Fortinet FortiAnalyzer 5.0.0 up to and including 5.0.10 and 5.2.0 up to and including 5.2.1 and FortiManager 5.0.3 up to and including 5.0.10 and 5.2.0 up to and including 5.2.1 allows remote malicio...
Fortinet Fortimanager Firmware 5.0.4
Fortinet Fortimanager Firmware 5.0.5
Fortinet Fortimanager Firmware 5.2.1
Fortinet Fortimanager Firmware 5.0.8
Fortinet Fortimanager Firmware 5.0.9
Fortinet Fortimanager Firmware 5.0.6
Fortinet Fortimanager Firmware 5.0.7
Fortinet Fortimanager Firmware 5.0.3
Fortinet Fortimanager Firmware 5.0.10
Fortinet Fortimanager Firmware 5.2.0
Fortinet Fortianalyzer Firmware 5.0.10
Fortinet Fortianalyzer Firmware 5.2.0
Fortinet Fortianalyzer Firmware 5.0.0
Fortinet Fortianalyzer Firmware 5.0.1
Fortinet Fortianalyzer Firmware 5.2.1
NA
CVE-2022-39950
An improper neutralization of input during web page generation vulnerability [CWE-79] exists in FortiManager and FortiAnalyzer 6.0.0 all versions, 6.2.0 all versions, 6.4.0 up to and including 6.4.8, and 7.0.0 up to and including 7.0.4. Report templates may allow a low privilege ...
Fortinet Fortianalyzer
Fortinet Fortimanager
312
VMScore
CVE-2021-32597
Multiple improper neutralization of input during web page generation (CWE-79) in FortiManager and FortiAnalyzer versions 7.0.0, 6.4.5 and below, 6.2.7 and below user interface, may allow a remote authenticated malicious user to perform a Stored Cross Site Scripting attack (XSS) b...
Fortinet Fortianalyzer
Fortinet Fortimanager
187
VMScore
CVE-2021-36170
An information disclosure vulnerability [CWE-200] in FortiAnalyzerVM and FortiManagerVM versions 7.0.0 and 6.4.6 and below may allow an authenticated malicious user to read the FortiCloud credentials which were used to activate the trial license in cleartext.
Fortinet Fortianalyzer
Fortinet Fortimanager
NA
CVE-2022-26118
A privilege chaining vulnerability [CWE-268] in FortiManager and FortiAnalyzer 6.0.x, 6.2.x, 6.4.0 up to and including 6.4.7, 7.0.0 up to and including 7.0.3 may allow a local and authenticated attacker with a restricted shell to escalate their privileges to root due to incorrect...
Fortinet Fortimanager
Fortinet Fortianalyzer
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4946
CVE-2024-30309
CVE-2024-4761
CVE-2024-30051
type confusion
memory leak
CVE-2024-30293
reflected XSS
CVE-2024-3126
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »