A use of externally-controlled format string vulnerability [CWE-134] in Fortinet FortiManager version 7.4.0 up to and including 7.4.1, version 7.2.0 up to and including 7.2.3 and prior to 7.0.10, Fortinet FortiAnalyzer version 7.4.0 up to and including 7.4.1, version 7.2.0 up to and including 7.2.3 and prior to 7.0.10, Fortinet FortiAnalyzer-BigData prior to 7.2.5 and Fortinet FortiPortal version 6.0 all versions and version 5.3 all versions allows a privileged malicious user to execute unauthorized code or commands via specially crafted command arguments.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
fortinet fortianalyzer |
||
fortinet fortimanager |
||
fortinet fortianalyzer bigdata |
||
fortinet fortianalyzer bigdata 6.2.5 |
||
fortinet fortiportal |