Fortinet

Fortianalyzer Cloud

10 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
2.7

CVE-2025-24474

Medienbericht
  • EPSS 0.03%
  • Veröffentlicht 08.07.2025 14:41:34
  • Zuletzt bearbeitet 22.07.2025 18:11:02

An Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability [CWE-89] in FortiManager 7.6.0 through 7.6.1, 7.4.0 through 7.4.6, 7.2 all versions, 7.0 all versions, 6.4 all versions; FortiManager Cloud 7.4.1 th...

7.2

CVE-2024-40584

  • EPSS 0.14%
  • Veröffentlicht 11.02.2025 17:15:22
  • Zuletzt bearbeitet 22.07.2025 21:37:17

An improper neutralization of special elements used in an OS command ('OS Command Injection') vulnerability [CWE-78] in Fortinet FortiAnalyzer version 7.4.0 through 7.4.3, 7.2.0 through 7.2.5, 7.0.0 through 7.0.13, 6.4.0 through 6.4.15 and 6.2.2 thro...

9.8

CVE-2024-50563

  • EPSS 0.25%
  • Veröffentlicht 16.01.2025 10:15:09
  • Zuletzt bearbeitet 24.09.2025 15:25:38

A weak authentication in Fortinet FortiManager Cloud, FortiAnalyzer versions 7.6.0 through 7.6.1, 7.4.1 through 7.4.3, FortiAnalyzer Cloud versions 7.4.1 through 7.4.3, FortiManager versions 7.6.0 through 7.6.1, 7.4.1 through 7.4.3, FortiManager Clou...

7.8

CVE-2024-45331

  • EPSS 0.02%
  • Veröffentlicht 16.01.2025 09:15:06
  • Zuletzt bearbeitet 03.02.2025 21:03:06

A incorrect privilege assignment in Fortinet FortiAnalyzer versions 7.4.0 through 7.4.3, 7.2.0 through 7.2.5, 7.0.0 through 7.0.13, 6.4.0 through 6.4.15, FortiManager versions 7.4.0 through 7.4.2, 7.2.0 through 7.2.5, 7.0.0 through 7.0.13, 6.4.0 thro...

9.8

CVE-2024-48886

  • EPSS 0.13%
  • Veröffentlicht 14.01.2025 14:15:33
  • Zuletzt bearbeitet 03.02.2025 22:16:04

A weak authentication in Fortinet FortiOS versions 7.4.0 through 7.4.4, 7.2.0 through 7.2.8, 7.0.0 through 7.0.15, 6.4.0 through 6.4.15, FortiProxy versions 7.4.0 through 7.4.4, 7.2.0 through 7.2.10, 7.0.0 through 7.0.17, 2.0.0 through 2.0.14, FortiM...

7.8

CVE-2024-33503

  • EPSS 0.02%
  • Veröffentlicht 14.01.2025 14:15:29
  • Zuletzt bearbeitet 31.01.2025 17:36:27

A improper privilege management in Fortinet FortiManager version 7.4.0 through 7.4.3, 7.2.0 through 7.2.5, 7.0.0 through 7.0.12, 6.4.0 through 6.4.14, FortiAnalyzer version 7.4.0 through 7.4.2, 7.2.0 through 7.2.5, 7.0.0 through 7.0.12, 6.4.0 through...

8.8

CVE-2024-35273

  • EPSS 0.08%
  • Veröffentlicht 14.01.2025 14:15:29
  • Zuletzt bearbeitet 31.01.2025 17:38:10

A out-of-bounds write in Fortinet FortiManager version 7.4.0 through 7.4.2, FortiAnalyzer version 7.4.0 through 7.4.2 allows attacker to escalation of privilege via specially crafted http requests.

8.8

CVE-2024-35275

  • EPSS 0.1%
  • Veröffentlicht 14.01.2025 14:15:29
  • Zuletzt bearbeitet 31.01.2025 16:49:57

A improper neutralization of special elements used in an sql command ('sql injection') in Fortinet FortiAnalyzer version 7.4.0 through 7.4.2, FortiManager version 7.4.0 through 7.4.2 allows attacker to escalation of privilege via specially crafted ht...

9.8

CVE-2024-35276

  • EPSS 0.06%
  • Veröffentlicht 14.01.2025 14:15:29
  • Zuletzt bearbeitet 31.01.2025 17:04:42

A stack-based buffer overflow in Fortinet FortiAnalyzer versions 7.4.0 through 7.4.3, 7.2.0 through 7.2.5, 7.0.0 through 7.0.12, 6.4.0 through 6.4.14, FortiManager versions 7.4.0 through 7.4.3, 7.2.0 through 7.2.5, 7.0.0 through 7.0.12, 6.4.0 through...

7.2

CVE-2024-45330

  • EPSS 0.27%
  • Veröffentlicht 08.10.2024 15:15:15
  • Zuletzt bearbeitet 19.10.2024 00:41:09

A use of externally-controlled format string in Fortinet FortiAnalyzer versions 7.4.0 through 7.4.3, 7.2.2 through 7.2.5 allows attacker to escalate its privileges via specially crafted requests.