Fortinet

Fortianalyzer

81 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.7

CVE-2024-32123

  • EPSS 0.05%
  • Veröffentlicht 11.03.2025 14:54:38
  • Zuletzt bearbeitet 24.07.2025 19:05:03

Multiple improper neutralization of special elements used in an os command ('os command injection') in Fortinet FortiManager, FortiAnalyzer versions 7.4.0 through 7.4.2 7.2.0 through 7.2.5 and 7.0.0 through 7.0.12 and 6.4.0 through 6.4.14 and 6.2.0 ...

2.3

CVE-2024-52966

  • EPSS 0.03%
  • Veröffentlicht 11.02.2025 17:15:23
  • Zuletzt bearbeitet 22.07.2025 21:38:25

An exposure of sensitive information to an unauthorized actor in Fortinet FortiAnalyzer 6.4.0 through 7.6.0 allows attacker to cause information disclosure via filter manipulation.

7.2

CVE-2024-40584

  • EPSS 0.28%
  • Veröffentlicht 11.02.2025 17:15:22
  • Zuletzt bearbeitet 22.07.2025 21:37:17

An improper neutralization of special elements used in an OS command ('OS Command Injection') vulnerability [CWE-78] in Fortinet FortiAnalyzer version 7.4.0 through 7.4.3, 7.2.0 through 7.2.5, 7.0.0 through 7.0.13, 6.4.0 through 6.4.15 and 6.2.2 thro...

6

CVE-2024-36508

  • EPSS 0.11%
  • Veröffentlicht 11.02.2025 17:15:22
  • Zuletzt bearbeitet 24.07.2025 19:04:36

An improper limitation of a pathname to a restricted directory ('Path Traversal') vulnerability [CWE-22] in Fortinet FortiManager version 7.4.0 through 7.4.2 and before 7.2.5 and Fortinet FortiAnalyzer version 7.4.0 through 7.4.2 and before 7.2.5 CLI...

9.8

CVE-2024-50563

  • EPSS 0.31%
  • Veröffentlicht 16.01.2025 10:15:09
  • Zuletzt bearbeitet 24.09.2025 15:25:38

A weak authentication in Fortinet FortiManager Cloud, FortiAnalyzer versions 7.6.0 through 7.6.1, 7.4.1 through 7.4.3, FortiAnalyzer Cloud versions 7.4.1 through 7.4.3, FortiManager versions 7.6.0 through 7.6.1, 7.4.1 through 7.4.3, FortiManager Clou...

7.8

CVE-2024-45331

  • EPSS 0.02%
  • Veröffentlicht 16.01.2025 09:15:06
  • Zuletzt bearbeitet 03.02.2025 21:03:06

A incorrect privilege assignment in Fortinet FortiAnalyzer versions 7.4.0 through 7.4.3, 7.2.0 through 7.2.5, 7.0.0 through 7.0.13, 6.4.0 through 6.4.15, FortiManager versions 7.4.0 through 7.4.2, 7.2.0 through 7.2.5, 7.0.0 through 7.0.13, 6.4.0 thro...

9.8

CVE-2024-48886

  • EPSS 0.15%
  • Veröffentlicht 14.01.2025 14:15:33
  • Zuletzt bearbeitet 03.02.2025 22:16:04

A weak authentication in Fortinet FortiOS versions 7.4.0 through 7.4.4, 7.2.0 through 7.2.8, 7.0.0 through 7.0.15, 6.4.0 through 6.4.15, FortiProxy versions 7.4.0 through 7.4.4, 7.2.0 through 7.2.10, 7.0.0 through 7.0.17, 2.0.0 through 2.0.14, FortiM...

7.2

CVE-2024-36512

  • EPSS 0.39%
  • Veröffentlicht 14.01.2025 14:15:30
  • Zuletzt bearbeitet 31.01.2025 16:32:26

An improper limitation of a pathname to a restricted directory ('path traversal') in Fortinet FortiManager, FortiAnalyzer 7.4.0 through 7.4.3 and 7.2.0 through 7.2.5 and 7.0.2 through 7.0.12 and 6.2.10 through 6.2.13 allows attacker to execute unauth...

8.8

CVE-2024-35275

  • EPSS 0.2%
  • Veröffentlicht 14.01.2025 14:15:29
  • Zuletzt bearbeitet 31.01.2025 16:49:57

A improper neutralization of special elements used in an sql command ('sql injection') in Fortinet FortiAnalyzer version 7.4.0 through 7.4.2, FortiManager version 7.4.0 through 7.4.2 allows attacker to escalation of privilege via specially crafted ht...

7.2

CVE-2024-33502

  • EPSS 0.43%
  • Veröffentlicht 14.01.2025 14:15:29
  • Zuletzt bearbeitet 21.01.2025 21:03:02

An improper limitation of a pathname to a restricted directory ('path traversal') in Fortinet FortiManager, FortiAnalyzer versions 7.4.0 through 7.4.2 and 7.2.0 through 7.2.5 and 7.0.0 through 7.0.12 and 6.4.0 through 6.4.14 and 6.2.0 through 6.2.12 ...