Fortinet

Fortianalyzer

83 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.7

CVE-2024-31496

  • EPSS 0.07%
  • Veröffentlicht 12.11.2024 19:15:08
  • Zuletzt bearbeitet 21.01.2025 22:11:48

A stack-based buffer overflow vulnerability [CWE-121] in Fortinet FortiManager version 7.4.0 through 7.4.2 and before 7.2.5, FortiAnalyzer version 7.4.0 through 7.4.2 and before 7.2.5 and FortiAnalyzer-BigData 7.4.0 and before 7.2.7 allows a privileg...

6

CVE-2024-32116

  • EPSS 0.14%
  • Veröffentlicht 12.11.2024 19:15:08
  • Zuletzt bearbeitet 21.01.2025 22:19:07

Multiple relative path traversal vulnerabilities [CWE-23] in Fortinet FortiManager version 7.4.0 through 7.4.2 and before 7.2.5, FortiAnalyzer version 7.4.0 through 7.4.2 and before 7.2.5 and FortiAnalyzer-BigData version 7.4.0 and before 7.2.7 allow...

8.8

CVE-2024-23666

  • EPSS 7.65%
  • Veröffentlicht 12.11.2024 19:15:07
  • Zuletzt bearbeitet 21.01.2025 22:04:37

A client-side enforcement of server-side security in Fortinet FortiAnalyzer-BigData at least version 7.4.0 and 7.2.0 through 7.2.6 and 7.0.1 through 7.0.6 and 6.4.5 through 6.4.7 and 6.2.5, FortiManager version 7.4.0 through 7.4.1 and 7.2.0 through...

4.1

CVE-2023-44255

  • EPSS 0.13%
  • Veröffentlicht 12.11.2024 19:15:06
  • Zuletzt bearbeitet 21.01.2025 22:02:45

An exposure of sensitive information to an unauthorized actor [CWE-200] in Fortinet FortiManager before 7.4.2, FortiAnalyzer before 7.4.2 and FortiAnalyzer-BigData before 7.2.5 may allow a privileged attacker with administrative read permissions to r...

7.2

CVE-2024-45330

  • EPSS 0.21%
  • Veröffentlicht 08.10.2024 15:15:15
  • Zuletzt bearbeitet 19.10.2024 00:41:09

A use of externally-controlled format string in Fortinet FortiAnalyzer versions 7.4.0 through 7.4.3, 7.2.2 through 7.2.5 allows attacker to escalate its privileges via specially crafted requests.

6.5

CVE-2023-44254

  • EPSS 0.25%
  • Veröffentlicht 10.09.2024 15:15:14
  • Zuletzt bearbeitet 12.12.2024 13:56:07

An authorization bypass through user-controlled key [CWE-639] vulnerability in FortiAnalyzer version 7.4.1 and before 7.2.5 and FortiManager version 7.4.1 and before 7.2.5 may allow a remote attacker with low privileges to read sensitive data via a c...

7.8

CVE-2024-21757

  • EPSS 0.14%
  • Veröffentlicht 13.08.2024 16:15:08
  • Zuletzt bearbeitet 22.08.2024 14:34:54

A unverified password change in Fortinet FortiManager versions 7.0.0 through 7.0.10, versions 7.2.0 through 7.2.4, and versions 7.4.0 through 7.4.1, as well as Fortinet FortiAnalyzer versions 7.0.0 through 7.0.10, versions 7.2.0 through 7.2.4, and ve...

6.7

CVE-2023-41842

  • EPSS 0.08%
  • Veröffentlicht 12.03.2024 15:15:45
  • Zuletzt bearbeitet 14.01.2026 14:16:08

A use of externally-controlled format string vulnerability [CWE-134] vulnerability in Fortinet allows a privileged attacker to execute unauthorized code or commands via specially crafted command arguments.

5

CVE-2023-44253

  • EPSS 0.33%
  • Veröffentlicht 15.02.2024 14:15:44
  • Zuletzt bearbeitet 21.11.2024 08:25:31

An exposure of sensitive information to an unauthorized actor vulnerability [CWE-200] in Fortinet FortiManager version 7.4.0 through 7.4.1 and before 7.2.5, FortiAnalyzer version 7.4.0 through 7.4.1 and before 7.2.5 and FortiAnalyzer-BigData before 7...

5.5

CVE-2023-40719

  • EPSS 0.05%
  • Veröffentlicht 14.11.2023 19:15:30
  • Zuletzt bearbeitet 21.11.2024 08:20:01

A use of hard-coded credentials vulnerability in Fortinet FortiAnalyzer and FortiManager 7.0.0 - 7.0.8, 7.2.0 - 7.2.3 and 7.4.0 allows an attacker to access Fortinet private testing data via the use of static credentials.