Fortinet FortiAnalyzer vulnerabilities

93 known vulnerabilities affecting fortinet/fortianalyzer.

Total CVEs: 93
CISA KEV: 1 (actively exploited)
Public exploits: 0
Exploited in wild: 0
Severity breakdown: CRITICAL 6, HIGH 30, MEDIUM 50, LOW 7

Vulnerabilities

Page 4 of 5
CVE-2023-25606 | MEDIUM | CVSS 6.5 | affected: ≥ 6.4.0, < 6.4.12; ≥ 7.0.0, ≤ 7.0.5; +3 more | 2023-07-11
CWE-22. An improper limitation of a pathname to a restricted directory ('Path Traversal') vulnerability [CWE-23] in FortiAnalyzer and FortiManager management interface 7.2.0 through 7.2.1, 7.0.0 through 7.0.5, 6.4 all versions may allow a remote and authenticated attacker to retrieve arbitrary files from the underlying filesystem via specially crafted web re
Sources: cvelistv5, nvd
CVE-2023-25609 | MEDIUM | CVSS 6.5 | affected: ≥ 6.4.8, ≤ 6.4.11; ≥ 7.0.0, ≤ 7.0.6; +3 more | 2023-06-13
CWE-918. A server-side request forgery (SSRF) vulnerability [CWE-918] in FortiManager and FortiAnalyzer GUI 7.2.0 through 7.2.1, 7.0.0 through 7.0.6, 6.4.8 through 6.4.11 may allow a remote and authenticated attacker to access unauthorized files and services on the system via specially crafted web requests.
Sources: cvelistv5, nvd
CVE-2023-22642 | HIGH | CVSS 8.1 | affected: ≥ 6.4.8, < 6.4.11; ≥ 7.0.0, < 7.0.6; +5 more | 2023-04-11
CWE-295. An improper certificate validation vulnerability [CWE-295] in FortiAnalyzer and FortiManager 7.2.0 through 7.2.1, 7.0.0 through 7.0.5, 6.4.8 through 6.4.10 may allow a remote and unauthenticated attacker to perform a Man-in-the-Middle attack on the communication channel between the device and the remote FortiGuard server hosting outbreakalert ressourc
Sources: cvelistv5, nvd
CVE-2022-42477 | MEDIUM | CVSS 5.5 | affected: ≥ 6.4.0, < 7.0.7; v7.2.0; +3 more | 2023-04-11
CWE-20. An improper input validation vulnerability [CWE-20] in FortiAnalyzer version 7.2.1 and below, version 7.0.6 and below, 6.4 all versions may allow an authenticated attacker to disclose file system information via custom dataset SQL queries.
Sources: cvelistv5, nvd
CVE-2023-25611 | HIGH | CVSS 7.3 | affected: ≥ 6.4.0, < 7.0.6; ≥ 7.2.0, < 7.2.2; +3 more | 2023-03-07
CWE-1236. An improper neutralization of formula elements in a CSV file vulnerability in Fortinet FortiAnalyzer 6.4.0 - 6.4.9, 7.0.0 - 7.0.5, and 7.2.0 - 7.2.1 allows a local attacker to execute unauthorized code or commands via inserting spreadsheet formulas in macro names.
Sources: cvelistv5, nvd
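The CWE-1236 weakness above is generic: a user-controlled string (here a macro name) is written verbatim into a CSV report, and the spreadsheet that opens the export evaluates any cell beginning with a formula character. The following is an added example, not FortiAnalyzer code, showing the export with and without neutralization. The sample rows are constructed, and the numeric exception (so that negative totals such as "-4096" are not rewritten) is a design choice of this example, not something the advisory describes.

```python
"""Neutralize spreadsheet formula triggers before writing CSV (CWE-1236).

Added example; not FortiAnalyzer code. Illustrates the failure mode described by
CVE-2023-25611 in generic form: a name starting with a formula character is
executed by the spreadsheet that opens the exported CSV.
"""
import csv
import io
from typing import Iterable, Sequence

# Leading characters that Excel / LibreOffice treat as the start of a formula.
FORMULA_TRIGGERS = ("=", "+", "-", "@", "\t", "\r")


def is_numeric(value: str) -> bool:
    """True for plain numbers such as '-4096' or '+1.5', which legitimately start
    with '-' or '+' and must not be turned into text."""
    try:
        float(value)
        return True
    except ValueError:
        return False


def is_formula_like(value: str) -> bool:
    """Detection side: would a spreadsheet evaluate this cell as a formula?"""
    return value.startswith(FORMULA_TRIGGERS) and not is_numeric(value)


def neutralize_cell(value: str) -> str:
    """Prefix a formula-like cell with a single quote so it renders as text.
    Embedded double quotes are doubled by the CSV writer, so no extra escaping here."""
    return "'" + value if is_formula_like(value) else value


def export_rows(rows: Iterable[Sequence[object]], neutralize: bool = True) -> str:
    """Write rows as CSV. neutralize=False reproduces the vulnerable behaviour."""
    buf = io.StringIO()
    writer = csv.writer(buf, quoting=csv.QUOTE_ALL, lineterminator="\n")
    for row in rows:
        cells = [str(c) for c in row]
        writer.writerow([neutralize_cell(c) for c in cells] if neutralize else cells)
    return buf.getvalue()


# Constructed sample: a report "macro name" column with one hostile entry.
# Not real FortiAnalyzer output.
SAMPLE_ROWS = [
    ("macro", "value"),
    ("total_bytes", "-4096"),
    ("=cmd|' /C calc'!A0", "1"),
]

if __name__ == "__main__":
    print("vulnerable export:\n" + export_rows(SAMPLE_ROWS, neutralize=False))
    print("hardened export:\n" + export_rows(SAMPLE_ROWS))
```

The apostrophe prefix is the common mitigation, but some spreadsheet importers display it as a literal character; where that matters, the alternative is to reject formula-like input at the point where the name is accepted rather than at export time.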
CVE-2022-27490 | MEDIUM | CVSS 6.5 | affected: ≥ 5.6.0, ≤ 5.6.11; ≥ 6.0.0, ≤ 6.0.4 | 2023-03-07
CWE-200. An exposure of sensitive information to an unauthorized actor in Fortinet FortiManager version 6.0.0 through 6.0.4, FortiAnalyzer version 6.0.0 through 6.0.4, FortiPortal version 6.0.0 through 6.0.9, 5.3.0 through 5.3.8, 5.2.x, 5.1.0, 5.0.x, 4.2.x, 4.1.x, FortiSwitch version 7.0.0 through 7.0.4, 6.4.0 through 6.4.10, 6.2.x, 6.0.x allows an attacker wh
Sources: cvelistv5, nvd
CVE-2023-23776 | LOW | CVSS 3.1 | affected: ≥ 6.4.0, < 6.4.11; ≥ 7.0.0, < 7.0.5; +4 more | 2023-03-07
CWE-200. An exposure of sensitive information to an unauthorized actor [CWE-200] vulnerability in FortiAnalyzer versions 7.2.0 through 7.2.1, 7.0.0 through 7.0.4 and 6.4.0 through 6.4.10 may allow a remote authenticated attacker to read the client machine password in plain text in a heartbeat response when a log-fetch request is made from the FortiAnalyzer
Sources: cvelistv5, nvd
CVE-2022-30304 | MEDIUM | CVSS 6.1 | affected: ≥ 6.0.0, ≤ 6.0.11; ≥ 6.2.0, ≤ 6.2.9; +7 more | 2023-02-16
CWE-79. An improper neutralization of input during web page generation vulnerability [CWE-79] in FortiAnalyzer versions prior to 7.2.1, 7.0.4 and 6.4.8 may allow a remote unauthenticated attacker to perform a stored cross site scripting (XSS) attack via the URL parameter observed in the FortiWeb attack event logview in FortiAnalyzer.
Sources: cvelistv5, nvd
CVE-2022-38377 | LOW | CVSS 2.7 | affected: ≥ 6.0.0, ≤ 6.0.12; ≥ 6.2.0, ≤ 6.2.10; +3 more | 2022-11-25
CWE-284. An improper access control vulnerability [CWE-284] in FortiManager 7.2.0, 7.0.0 through 7.0.3, 6.4.0 through 6.4.7, 6.2.0 through 6.2.9, 6.0.0 through 6.0.11 and FortiAnalyzer 7.2.0, 7.0.0 through 7.0.3, 6.4.0 through 6.4.8, 6.2.0 through 6.2.10, 6.0.0 through 6.0.12 may allow a remote and authenticated admin user assigned to a specific ADOM to access
Sources: cvelistv5, nvd
CVE-2022-39950 | MEDIUM | CVSS 5.4 | affected: ≥ 6.0.0, ≤ 6.2.9; ≥ 6.4.0, ≤ 6.4.8; +1 more | 2022-11-02
CWE-79. An improper neutralization of input during web page generation vulnerability [CWE-79] exists in FortiManager and FortiAnalyzer 6.0.0 all versions, 6.2.0 all versions, 6.4.0 through 6.4.8, and 7.0.0 through 7.0.4. Report templates may allow a low privilege level attacker to perform an XSS attack via posting a crafted CKeditor "protected" comment as described
Sources: nvd
CVE-2022-26121 | MEDIUM | CVSS 5.3 | affected: ≤ 5.6.11; ≤ 6.0.11; +3 more | 2022-10-10
CWE-668. An exposure of resource to wrong sphere vulnerability [CWE-668] in FortiAnalyzer and FortiManager GUI 7.0.0 through 7.0.3, 6.4.0 through 6.4.8, 6.2.0 through 6.2.9, 6.0.0 through 6.0.11, 5.6.0 through 5.6.11 may allow an unauthenticated and remote attacker to access report template images via referencing the name in the URL path.
Sources: nvd
CVE-2022-27483 | HIGH | CVSS 7.2 | affected: ≥ 6.0.0, ≤ 6.0.11; ≥ 6.2.0, ≤ 6.2.9; +2 more | 2022-07-19
CWE-78. An improper neutralization of special elements used in an OS command ('OS command injection') in Fortinet FortiManager version 7.0.0 through 7.0.3, 6.4.0 through 6.4.7, 6.2.x and 6.0.x and FortiAnalyzer version 7.0.0 through 7.0.3, version 6.4.0 through 6.4.7, 6.2.x and 6.0.x allows an attacker to execute arbitrary shell code as `root` user via `diagnose s
Sources: nvd
CVE-2022-26118 | MEDIUM | CVSS 6.7 | affected: ≥ 6.0.0, ≤ 6.0.11; ≥ 6.2.0, ≤ 6.2.9; +2 more | 2022-07-18
CWE-269. A privilege chaining vulnerability [CWE-268] in FortiManager and FortiAnalyzer 6.0.x, 6.2.x, 6.4.0 through 6.4.7, 7.0.0 through 7.0.3 may allow a local and authenticated attacker with a restricted shell to escalate their privileges to root due to incorrect permissions of some folders and executable files on the system.
Sources: nvd
CVE-2021-26104 | HIGH | CVSS 7.8 | affected: ≥ 5.6.0, < 6.0.11; ≥ 6.2.0, < 6.2.8; +1 more | 2022-04-06
CWE-78. Multiple OS command injection (CWE-78) vulnerabilities in the command line interface of FortiManager 6.2.7 and below, 6.4.5 and below and all versions of 6.2.x, 6.0.x and 5.6.x, FortiAnalyzer 6.2.7 and below, 6.4.5 and below and all versions of 6.2.x, 6.0.x and 5.6.x, and FortiPortal 5.2.5 and below, 5.3.5 and below and 6.0.4 and below may allow a loca
Sources: nvd
CVE-2022-22300 | HIGH | CVSS 8.8 | affected: ≥ 5.6.0, ≤ 5.6.11; ≥ 6.0.0, ≤ 6.0.11; +3 more | 2022-03-01
CWE-755. An improper handling of insufficient permissions or privileges in Fortinet FortiAnalyzer version 5.6.0 through 5.6.11, FortiAnalyzer version 6.0.0 through 6.0.11, FortiAnalyzer version 6.2.0 through 6.2.9, FortiAnalyzer version 6.4.0 through 6.4.7, FortiAnalyzer version 7.0.0 through 7.0.2, FortiManager version 5.6.0 through 5.6.11, FortiManager versi
Sources: nvd
CVE-2021-42757 | MEDIUM | CVSS 6.7 | affected: ≥ 6.0.0, ≤ 6.4.7; ≥ 7.0.0, ≤ 7.0.2; +2 more | 2021-12-08
CWE-120. A buffer overflow [CWE-121] in the TFTP client library of FortiOS before 6.4.7 and FortiOS 7.0.0 through 7.0.2 may allow an authenticated local attacker to achieve arbitrary code execution via specially crafted command line arguments.
Sources: cvelistv5, nvd
CVE-2020-12814 | MEDIUM | CVSS 5.4 | affected: ≥ 6.0.0, ≤ 6.0.6; v6.4.4 | 2021-11-02
CWE-79. An improper neutralization of input during web page generation ('cross-site scripting') in Fortinet FortiAnalyzer version 6.0.6 and below, version 6.4.4 allows an attacker to execute unauthorized code or commands via specifically crafted requests to the web GUI.
Sources: nvd
CVE-2021-24021 | MEDIUM | CVSS 5.4 | affected: ≥ 6.0.0, < 6.2.8; ≥ 6.4.0, < 6.4.4 | 2021-10-06
CWE-79. An improper neutralization of input vulnerability [CWE-79] in FortiAnalyzer versions 6.4.3 and below, 6.2.7 and below and 6.0.10 and below may allow a remote authenticated attacker to perform a stored cross site scripting attack (XSS) via the column settings of Logview in FortiAnalyzer, should the attacker be able to obtain that POST request, via oth
Sources: nvd
CVE-2021-36170 | LOW | CVSS 3.2 | affected: fixed in 6.4.7; ≥ 7.0.0, ≤ 7.0.1 | 2021-10-06
CWE-522. An information disclosure vulnerability [CWE-200] in FortiAnalyzerVM and FortiManagerVM versions 7.0.0 and 6.4.6 and below may allow an authenticated attacker to read the FortiCloud credentials which were used to activate the trial license in cleartext.
Sources: nvd
CVE-2021-32587 | MEDIUM | CVSS 4.3 | affected: ≥ 5.6.0, < 6.4.6; ≥ 7.0.0, < 7.0.1 | 2021-08-06
An improper access control vulnerability in FortiManager and FortiAnalyzer GUI interface 7.0.0, 6.4.5 and below, 6.2.8 and below, 6.0.11 and below, 5.6.11 and below may allow a remote and authenticated attacker with restricted user profile to retrieve the list of administrative users of other ADOMs and their related configuration.
Sources: nvd
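Every entry on this page states its affected versions as per-branch ranges ("7.0.0 through 7.0.5", "6.4 all versions", "7.2.1 and below"), and a fixed branch is only safe if the installed build is past the last affected release on that same branch. The checker below is an added example, not part of this database or of Fortinet's tooling: it transcribes the ranges from six of the descriptions above and reports which of those entries cover a given installed version. Two assumptions are made explicit in the code: "X.Y.Z and below" is read as the whole X.Y branch up to X.Y.Z, and the version string is accepted in the `v7.0.5-build0367` form that the appliance prints (the exact format is assumed, not taken from this page).

```python
"""Map an installed FortiAnalyzer version to the advisories on this page that cover it.

Added example; not part of the vulnerability database or of Fortinet's tooling.
The ranges below are transcribed from the advisory descriptions on this page,
not fetched from a live feed.
"""
from dataclasses import dataclass
from typing import Dict, List, Optional, Tuple

Version = Tuple[int, ...]


def parse_version(text: str) -> Version:
    """Parse '7.0.5', 'v7.0.5' or 'v7.0.5-build0367' (the form the appliance's
    'get system status' prints; that format is assumed here) into an int tuple."""
    core = text.strip().lstrip("v").split("-", 1)[0]
    return tuple(int(part) for part in core.split("."))


@dataclass(frozen=True)
class Range:
    """Inclusive version range on one release branch.

    hi=None means 'all versions of this branch' (e.g. '6.4 all versions'),
    in which case lo is the branch prefix, such as (6, 4).
    """
    lo: Version
    hi: Optional[Version] = None

    def contains(self, v: Version) -> bool:
        if self.hi is None:
            # Branch wildcard: compare the prefix only.
            return v[: len(self.lo)] == self.lo
        return self.lo <= v <= self.hi


def r(lo: str, hi: Optional[str] = None) -> Range:
    """Shorthand for building a Range from version strings."""
    return Range(parse_version(lo), parse_version(hi) if hi else None)


# Affected ranges as stated in the descriptions on this page. "X.Y.Z and below"
# is read as the whole X.Y branch up to and including X.Y.Z (an interpretation
# made by this example, not stated by the page).
ADVISORIES: Dict[str, List[Range]] = {
    "CVE-2023-25606": [r("7.2.0", "7.2.1"), r("7.0.0", "7.0.5"), r("6.4")],
    "CVE-2023-25609": [r("7.2.0", "7.2.1"), r("7.0.0", "7.0.6"), r("6.4.8", "6.4.11")],
    "CVE-2023-22642": [r("7.2.0", "7.2.1"), r("7.0.0", "7.0.5"), r("6.4.8", "6.4.10")],
    "CVE-2022-42477": [r("7.2.0", "7.2.1"), r("7.0.0", "7.0.6"), r("6.4")],
    "CVE-2023-25611": [r("7.2.0", "7.2.1"), r("7.0.0", "7.0.5"), r("6.4.0", "6.4.9")],
    "CVE-2022-27483": [r("7.0.0", "7.0.3"), r("6.4.0", "6.4.7"), r("6.2"), r("6.0")],
}


def affecting(version: str, advisories: Dict[str, List[Range]] = ADVISORIES) -> List[str]:
    """CVE IDs whose stated ranges include `version`, sorted by ID."""
    v = parse_version(version)
    return sorted(cve for cve, ranges in advisories.items()
                  if any(rng.contains(v) for rng in ranges))


if __name__ == "__main__":
    for ver in ("v7.0.5-build0367", "7.0.6", "7.0.7", "6.4.12", "6.2.9"):
        hits = affecting(ver)
        print(f"{ver:>18}: {', '.join(hits) if hits else 'none of the entries transcribed here'}")
```

Note the asymmetry this makes visible: 7.0.6 is past the fix for the path traversal (CVE-2023-25606) but still inside the stated range for the SSRF (CVE-2023-25609), and the 6.4 branch is open-ended for CVE-2023-25606 and CVE-2022-42477, so no 6.4.x build clears them. Treat the table as a transcription to be checked against the vendor advisory before acting on it, and remember that only part of the page's 93 entries is encoded here.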