Skip to main content

Fortianalyzer Big Data

8 CVEs product

Monthly

CVE-2025-49784 MEDIUM This Month

An improper neutralization of special elements used in an sql command ('sql injection') vulnerability in Fortinet FortiAnalyzer 7.6.0 through 7.6.4, FortiAnalyzer 7.4.0 through 7.4.7, FortiAnalyzer 7.2 all versions, FortiAnalyzer 7.0 all versions, FortiAnalyzer 6.4 all versions, FortiAnalyzer-BigData 7.6.0, FortiAnalyzer-BigData 7.4.0 through 7.4.4, FortiAnalyzer-BigData 7.2 all versions, FortiAnalyzer-BigData 7.0 all versions, FortiAnalyzer-BigData 6.4 all versions, FortiAnalyzer-BigData 6.2 all versions may allow an authenticated attacker to execute unauthorized code or commands via specifically crafted requests. [CVSS 6.0 MEDIUM]

Fortinet SQLi Fortianalyzer Big Data Fortianalyzer
NVD VulDB
CVSS 3.1
6.0
EPSS
0.0%
CVE-2024-40584 HIGH This Week

An improper neutralization of special elements used in an OS command ('OS Command Injection') vulnerability [CWE-78] in Fortinet FortiAnalyzer version 7.4.0 through 7.4.3, 7.2.0 through 7.2.5, 7.0.0. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Command Injection Fortinet Fortimanager Cloud Fortimanager Fortianalyzer Big Data +2
NVD
CVSS 3.1
7.2
EPSS
0.1%
CVE-2024-35274 LOW Monitor

An improper limitation of a pathname to a restricted directory ('Path Traversal') vulnerability [CWE-22] in Fortinet FortiAnalyzer versions below 7.4.2, Fortinet FortiManager versions below 7.4.2 and. Rated low severity (CVSS 2.3), this vulnerability is low attack complexity. No vendor patch available.

Fortinet Path Traversal Fortianalyzer Fortianalyzer Big Data Fortimanager
NVD
CVSS 3.1
2.3
EPSS
0.2%
CVE-2024-32118 MEDIUM This Month

Multiple improper neutralization of special elements used in an OS command ('OS Command Injection') vulnerabilities [CWE-78] in Fortinet FortiManager version 7.4.0 through 7.4.2 and before 7.2.5,. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Fortinet Command Injection Fortianalyzer Fortianalyzer Big Data Fortimanager
NVD
CVSS 3.1
6.7
EPSS
0.6%
CVE-2024-32117 MEDIUM This Month

An improper limitation of a pathname to a restricted directory ('Path Traversal') vulnerability [CWE-22] in Fortinet FortiManager version 7.4.0 through 7.4.2 and below 7.2.5, FortiAnalyzer version. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Path Traversal Fortinet Fortianalyzer Fortianalyzer Big Data Fortimanager
NVD
CVSS 3.1
4.9
EPSS
0.8%
CVE-2024-32116 MEDIUM This Month

Multiple relative path traversal vulnerabilities [CWE-23] in Fortinet FortiManager version 7.4.0 through 7.4.2 and before 7.2.5, FortiAnalyzer version 7.4.0 through 7.4.2 and before 7.2.5 and. Rated medium severity (CVSS 6.0), this vulnerability is low attack complexity. No vendor patch available.

Fortinet Path Traversal Fortianalyzer Fortianalyzer Big Data Fortimanager
NVD
CVSS 3.1
6.0
EPSS
0.2%
CVE-2024-31496 MEDIUM This Month

A stack-based buffer overflow vulnerability [CWE-121] in Fortinet FortiManager version 7.4.0 through 7.4.2 and before 7.2.5, FortiAnalyzer version 7.4.0 through 7.4.2 and before 7.2.5 and. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Fortinet Stack Overflow Fortianalyzer Fortianalyzer Big Data +1
NVD
CVSS 3.1
6.7
EPSS
0.2%
CVE-2024-23666 HIGH This Week

A client-side enforcement of server-side security in Fortinet FortiAnalyzer-BigData at least version 7.4.0 and 7.2.0 through 7.2.6 and 7.0.1 through 7.0.6 and 6.4.5 through 6.4.7 and 6.2.5,. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Fortinet Information Disclosure Fortianalyzer Fortianalyzer Big Data Fortimanager
NVD
CVSS 3.1
8.8
EPSS
2.7%
EPSS 0% CVSS 6.0
MEDIUM This Month

An improper neutralization of special elements used in an sql command ('sql injection') vulnerability in Fortinet FortiAnalyzer 7.6.0 through 7.6.4, FortiAnalyzer 7.4.0 through 7.4.7, FortiAnalyzer 7.2 all versions, FortiAnalyzer 7.0 all versions, FortiAnalyzer 6.4 all versions, FortiAnalyzer-BigData 7.6.0, FortiAnalyzer-BigData 7.4.0 through 7.4.4, FortiAnalyzer-BigData 7.2 all versions, FortiAnalyzer-BigData 7.0 all versions, FortiAnalyzer-BigData 6.4 all versions, FortiAnalyzer-BigData 6.2 all versions may allow an authenticated attacker to execute unauthorized code or commands via specifically crafted requests. [CVSS 6.0 MEDIUM]

Fortinet SQLi Fortianalyzer Big Data +1
NVD VulDB
EPSS 0% CVSS 7.2
HIGH This Week

An improper neutralization of special elements used in an OS command ('OS Command Injection') vulnerability [CWE-78] in Fortinet FortiAnalyzer version 7.4.0 through 7.4.3, 7.2.0 through 7.2.5, 7.0.0. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Command Injection Fortinet Fortimanager Cloud +4
NVD
EPSS 0% CVSS 2.3
LOW Monitor

An improper limitation of a pathname to a restricted directory ('Path Traversal') vulnerability [CWE-22] in Fortinet FortiAnalyzer versions below 7.4.2, Fortinet FortiManager versions below 7.4.2 and. Rated low severity (CVSS 2.3), this vulnerability is low attack complexity. No vendor patch available.

Fortinet Path Traversal Fortianalyzer +2
NVD
EPSS 1% CVSS 6.7
MEDIUM This Month

Multiple improper neutralization of special elements used in an OS command ('OS Command Injection') vulnerabilities [CWE-78] in Fortinet FortiManager version 7.4.0 through 7.4.2 and before 7.2.5,. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Fortinet Command Injection Fortianalyzer +2
NVD
EPSS 1% CVSS 4.9
MEDIUM This Month

An improper limitation of a pathname to a restricted directory ('Path Traversal') vulnerability [CWE-22] in Fortinet FortiManager version 7.4.0 through 7.4.2 and below 7.2.5, FortiAnalyzer version. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Path Traversal Fortinet Fortianalyzer +2
NVD
EPSS 0% CVSS 6.0
MEDIUM This Month

Multiple relative path traversal vulnerabilities [CWE-23] in Fortinet FortiManager version 7.4.0 through 7.4.2 and before 7.2.5, FortiAnalyzer version 7.4.0 through 7.4.2 and before 7.2.5 and. Rated medium severity (CVSS 6.0), this vulnerability is low attack complexity. No vendor patch available.

Fortinet Path Traversal Fortianalyzer +2
NVD
EPSS 0% CVSS 6.7
MEDIUM This Month

A stack-based buffer overflow vulnerability [CWE-121] in Fortinet FortiManager version 7.4.0 through 7.4.2 and before 7.2.5, FortiAnalyzer version 7.4.0 through 7.4.2 and before 7.2.5 and. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Fortinet Stack Overflow +3
NVD
EPSS 3% CVSS 8.8
HIGH This Week

A client-side enforcement of server-side security in Fortinet FortiAnalyzer-BigData at least version 7.4.0 and 7.2.0 through 7.2.6 and 7.0.1 through 7.0.6 and 6.4.5 through 6.4.7 and 6.2.5,. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Fortinet Information Disclosure Fortianalyzer +2
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy