Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
fortinet fortianalyzer vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2022-27483
A improper neutralization of special elements used in an os command ('os command injection') in Fortinet FortiManager version 7.0.0 up to and including 7.0.3, 6.4.0 up to and including 6.4.7, 6.2.x and 6.0.x and FortiAnalyzer version 7.0.0 up to and including 7.0.3, ver...
Fortinet Fortimanager
Fortinet Fortianalyzer
383
VMScore
CVE-2018-13375
An Improper Neutralization of Script-Related HTML Tags in Fortinet FortiAnalyzer 5.6.0 and below and FortiManager 5.6.0 and below allows an malicious user to send DHCP request containing malicious scripts in the HOSTNAME parameter. The malicious script code is executed while view...
Fortinet Fortianalyzer
Fortinet Fortimanager
187
VMScore
CVE-2021-24022
A buffer overflow vulnerability in FortiAnalyzer CLI 6.4.5 and below, 6.2.7 and below, 6.0.x and FortiManager CLI 6.4.5 and below, 6.2.7 and below, 6.0.x may allow an authenticated, local malicious user to perform a Denial of Service attack by running the `diagnose system geoip-c...
Fortinet Fortianalyzer
Fortinet Fortimanager
356
VMScore
CVE-2018-1354
An improper access control vulnerability in Fortinet FortiManager 6.0.0, 5.6.5 and below versions, FortiAnalyzer 6.0.0, 5.6.5 and below versions allows a regular user edit the avatar picture of other users with arbitrary content.
Fortinet Fortianalyzer
Fortinet Fortimanager
NA
CVE-2023-36638
An improper privilege management vulnerability [CWE-269] in FortiManager 7.2.0 up to and including 7.2.2, 7.0.0 up to and including 7.0.7, 6.4.0 up to and including 6.4.11, 6.2 all versions, 6.0 all versions and FortiAnalyzer 7.2.0 up to and including 7.2.2, 7.0.0 up to and inclu...
Fortinet Fortimanager
Fortinet Fortianalyzer
312
VMScore
CVE-2021-32597
Multiple improper neutralization of input during web page generation (CWE-79) in FortiManager and FortiAnalyzer versions 7.0.0, 6.4.5 and below, 6.2.7 and below user interface, may allow a remote authenticated malicious user to perform a Stored Cross Site Scripting attack (XSS) b...
Fortinet Fortianalyzer
Fortinet Fortimanager
NA
CVE-2022-39950
An improper neutralization of input during web page generation vulnerability [CWE-79] exists in FortiManager and FortiAnalyzer 6.0.0 all versions, 6.2.0 all versions, 6.4.0 up to and including 6.4.8, and 7.0.0 up to and including 7.0.4. Report templates may allow a low privilege ...
Fortinet Fortianalyzer
Fortinet Fortimanager
NA
CVE-2022-26118
A privilege chaining vulnerability [CWE-268] in FortiManager and FortiAnalyzer 6.0.x, 6.2.x, 6.4.0 up to and including 6.4.7, 7.0.0 up to and including 7.0.3 may allow a local and authenticated attacker with a restricted shell to escalate their privileges to root due to incorrect...
Fortinet Fortimanager
Fortinet Fortianalyzer
NA
CVE-2023-22642
An improper certificate validation vulnerability [CWE-295] in FortiAnalyzer and FortiManager 7.2.0 up to and including 7.2.1, 7.0.0 up to and including 7.0.5, 6.4.8 up to and including 6.4.10 may allow a remote and unauthenticated malicious user to perform a Man-in-the-Middle att...
Fortinet Fortianalyzer
Fortinet Fortimanager
445
VMScore
CVE-2020-9289
Use of a hard-coded cryptographic key to encrypt password data in CLI configuration in FortiManager 6.2.3 and below, FortiAnalyzer 6.2.3 and below may allow an attacker with access to the CLI configuration or the CLI backup file to decrypt the sensitive data, via knowledge of the...
Fortinet Fortimanager
Fortinet Fortianalyzer
1 Github repository
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
remote code execution
CVE-2024-34909
CVE-2024-3317
SSTI
CVE-2024-3400
CVE-2024-30051
wireless
CVE-2024-4622
CVE-2024-4908
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »