Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
fortinet fortianalyzer vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv3
CVE-2021-32598
An improper neutralization of CRLF sequences in HTTP headers ('HTTP Response Splitting') vulnerability In FortiManager and FortiAnalyzer GUI 7.0.0, 6.4.6 and below, 6.2.8 and below, 6.0.11 and below, 5.6.11 and below may allow an authenticated and remote malicious user ...
Fortinet Fortianalyzer
Fortinet Fortimanager
4.2
CVSSv3
CVE-2022-22305
An improper certificate validation vulnerability [CWE-295] in FortiManager 7.0.1 and below, 6.4.6 and below; FortiAnalyzer 7.0.2 and below, 6.4.7 and below; FortiOS 6.2.x and 6.0.x; FortiSandbox 4.0.x, 3.2.x and 3.1.x may allow a network adjacent and unauthenticated malicious use...
Fortinet Fortisandbox 4.0.0
Fortinet Fortianalyzer
Fortinet Fortisandbox
Fortinet Fortisandbox 4.0.1
Fortinet Fortisandbox 4.0.2
Fortinet Fortios
Fortinet Fortisandbox 3.0.1
Fortinet Fortianalyzer 7.0.0
Fortinet Fortianalyzer 7.0.1
Fortinet Fortianalyzer 7.0.2
Fortinet Fortimanager 7.0.0
Fortinet Fortimanager 7.0.1
Fortinet Fortimanager
3.2
CVSSv3
CVE-2021-36170
An information disclosure vulnerability [CWE-200] in FortiAnalyzerVM and FortiManagerVM versions 7.0.0 and 6.4.6 and below may allow an authenticated malicious user to read the FortiCloud credentials which were used to activate the trial license in cleartext.
Fortinet Fortianalyzer
Fortinet Fortimanager
3.1
CVSSv3
CVE-2023-23776
An exposure of sensitive information to an unauthorized actor [CWE-200] vulnerability in FortiAnalyzer versions 7.2.0 up to and including 7.2.1, 7.0.0 up to and including 7.0.4 and 6.4.0 up to and including 6.4.10 may allow a remote authenticated malicious user to read the client...
Fortinet Fortianalyzer
2.7
CVSSv3
CVE-2022-38377
An improper access control vulnerability [CWE-284] in FortiManager 7.2.0, 7.0.0 up to and including 7.0.3, 6.4.0 up to and including 6.4.7, 6.2.0 up to and including 6.2.9, 6.0.0 up to and including 6.0.11 and FortiAnalyzer 7.2.0, 7.0.0 up to and including 7.0.3, 6.4.0 up to and ...
Fortinet Fortimanager
Fortinet Fortianalyzer
Fortinet Fortimanager 7.2.0
Fortinet Fortianalyzer 7.2.0
NA
CVE-2021-32589
Fortinet FortiManager and Fortinet FortiAnalyzer use after free vulnerability in fgfmsd daemon. A Use After Free (CWE-416) vulnerability in FortiManager and FortiAnalyzer fgfmsd daemon may allow a remote, non-authenticated attacker to execute unauthorized code as root via sending...
NA
CVE-2015-3620
Cross-site scripting (XSS) vulnerability in the advanced dataset reports page in Fortinet FortiAnalyzer 5.0.0 up to and including 5.0.10 and 5.2.0 up to and including 5.2.1 and FortiManager 5.0.3 up to and including 5.0.10 and 5.2.0 up to and including 5.2.1 allows remote malicio...
Fortinet Fortimanager Firmware 5.0.4
Fortinet Fortimanager Firmware 5.0.5
Fortinet Fortimanager Firmware 5.2.1
Fortinet Fortimanager Firmware 5.0.8
Fortinet Fortimanager Firmware 5.0.9
Fortinet Fortimanager Firmware 5.0.6
Fortinet Fortimanager Firmware 5.0.7
Fortinet Fortimanager Firmware 5.0.3
Fortinet Fortimanager Firmware 5.0.10
Fortinet Fortimanager Firmware 5.2.0
Fortinet Fortianalyzer Firmware 5.0.10
Fortinet Fortianalyzer Firmware 5.2.0
Fortinet Fortianalyzer Firmware 5.0.0
Fortinet Fortianalyzer Firmware 5.0.1
Fortinet Fortianalyzer Firmware 5.2.1
NA
CVE-2014-2335
Multiple cross-site scripting (XSS) vulnerabilities in the Web User Interface in Fortinet FortiManager prior to 5.0.7 allow remote malicious users to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2014-2336.
Fortinet Fortianalyzer Firmware
NA
CVE-2014-2336
Multiple cross-site scripting (XSS) vulnerabilities in the Web User Interface in Fortinet FortiManager prior to 5.0.7 and FortiAnalyzer prior to 5.0.7 allow remote malicious users to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2...
Fortinet Fortimanager
Fortinet Fortianalyzer Firmware
NA
CVE-2014-2334
Multiple cross-site scripting (XSS) vulnerabilities in the Web User Interface in Fortinet FortiAnalyzer prior to 5.0.7 allow remote malicious users to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2014-2336.
Fortinet Fortianalyzer Firmware
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
privilege escalation
CVE-2024-20696
CVE-2024-29829
CVE-2024-33999
CVE-2024-35646
physical
CVE-2024-24919
CVE-2024-31030
local users
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »