Search
Search Results (105 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2018-1354 | 1 Fortinet | 2 Fortianalyzer, Fortimanager | 2024-11-21 | N/A |
| An improper access control vulnerability in Fortinet FortiManager 6.0.0, 5.6.5 and below versions, FortiAnalyzer 6.0.0, 5.6.5 and below versions allows a regular user edit the avatar picture of other users with arbitrary content. | ||||
| CVE-2018-13375 | 1 Fortinet | 2 Fortianalyzer, Fortimanager | 2024-11-21 | N/A |
| An Improper Neutralization of Script-Related HTML Tags in Fortinet FortiAnalyzer 5.6.0 and below and FortiManager 5.6.0 and below allows an attacker to send DHCP request containing malicious scripts in the HOSTNAME parameter. The malicious script code is executed while viewing the logs in FortiAnalyzer and FortiManager (with FortiAnalyzer feature enabled). | ||||
| CVE-2017-17541 | 1 Fortinet | 2 Fortianalyzer Firmware, Fortimanager Firmware | 2024-11-21 | N/A |
| A Cross-site Scripting (XSS) vulnerability in Fortinet FortiManager 6.0.0, 5.6.4 and below versions, FortiAnalyzer 6.0.0, 5.6.4 and below versions allows inject Javascript code and HTML tags through the CN value of CA and CRL certificates via the import CA and CRL certificates feature. | ||||
| CVE-2024-45330 | 1 Fortinet | 2 Fortianalyzer, Fortianalyzer Cloud | 2024-10-19 | 6.8 Medium |
| A use of externally-controlled format string in Fortinet FortiAnalyzer versions 7.4.0 through 7.4.3, 7.2.2 through 7.2.5 allows attacker to escalate its privileges via specially crafted requests. | ||||
| CVE-2024-21757 | 1 Fortinet | 2 Fortianalyzer, Fortimanager | 2024-08-22 | 5.5 Medium |
| A unverified password change in Fortinet FortiManager versions 7.0.0 through 7.0.10, versions 7.2.0 through 7.2.4, and versions 7.4.0 through 7.4.1, as well as Fortinet FortiAnalyzer versions 7.0.0 through 7.0.10, versions 7.2.0 through 7.2.4, and versions 7.4.0 through 7.4.1, allows an attacker to modify admin passwords via the device configuration backup. | ||||