Fortianalyzer@7.2.1 Security Vulnerabilities and Issues — Fortianalyzer@7.2.1 CVE List

Lucene search

FortinetFortianalyzer7.2.1

3 matches found

CVE•added 2023/10/10 5:15 p.m.•58 views

CVE-2023-25607

An improper neutralization of special elements used in an OS Command ('OS Command Injection') vulnerability [CWE-78 ] in FortiManager 7.2.0 through 7.2.2, 7.0.0 through 7.0.7, 6.4.0 through 6.4.11, 6.2 all versions, 6.0 all versions, FortiAnalyzer 7.2.0 through 7.2.2, 7.0.0 through 7.0.7, 6.4.0 thr...

7.8CVSS7.9AI score0.00151EPSS

CVE•added 2023/06/13 9:15 a.m.•51 views

CVE-2023-25609

A server-side request forgery (SSRF) vulnerability [CWE-918] in FortiManager and FortiAnalyzer GUI 7.2.0 through 7.2.1, 7.0.0 through 7.0.6, 6.4.8 through 6.4.11 may allow a remote and authenticated attacker to access unauthorized files and services on the system via specially crafted web requests.

6.5CVSS6.4AI score0.00158EPSS

CVE•added 2023/02/16 7:15 p.m.•45 views

CVE-2022-30304

An improper neutralization of input during web page generation vulnerability [CWE-79] in FortiAnalyzer versions prior to 7.2.1, 7.0.4 and 6.4.8 may allow a remote unauthenticated attacker to perform a stored cross site scripting (XSS) attack via the URL parameter observed in the FortiWeb attack eve...

6.1CVSS6AI score0.00218EPSS