Fortinet Fortianalyzer Big Data — known CVE vulnerabilities
Every CVE whose affected-product data names Fortinet Fortianalyzer Big Data, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (13)
CVE-2024-23666 — CVSS 7.5 (high): A client-side enforcement of server-side security in Fortinet FortiAnalyzer-BigData at least version 7.4.0 and 7.2.0 through 7.2.6 and…
CVE-2024-40584 — CVSS 7.2 (high): An improper neutralization of special elements used in an OS command ('OS Command Injection') vulnerability [CWE-78] in Fortinet…
CVE-2024-32118 — CVSS 6.7 (medium): Multiple improper neutralization of special elements used in an OS command ('OS Command Injection') vulnerabilities [CWE-78] in Fortinet…
CVE-2023-41842 — CVSS 6.7 (medium): A use of externally-controlled format string vulnerability [CWE-134] vulnerability in Fortinet allows a privileged attacker to execute…
CVE-2024-31496 — CVSS 6.7 (medium): A stack-based buffer overflow vulnerability [CWE-121] in Fortinet FortiManager version 7.4.0 through 7.4.2 and before 7.2.5, FortiAnalyzer…
CVE-2024-32123 — CVSS 6.7 (medium): Multiple improper neutralization of special elements used in an os command ('os command injection') in Fortinet FortiManager, FortiAnalyzer…
CVE-2025-49784 — CVSS 6.0 (medium): An improper neutralization of special elements used in an sql command ('sql injection') vulnerability in Fortinet FortiAnalyzer 7.6.0…
CVE-2024-32116 — CVSS 5.1 (medium): Multiple relative path traversal vulnerabilities [CWE-23] in Fortinet FortiManager version 7.4.0 through 7.4.2 and before 7.2.5…
CVE-2023-44254 — CVSS 5.0 (medium): An authorization bypass through user-controlled key [CWE-639] vulnerability in FortiAnalyzer version 7.4.1 and before 7.2.5 and…
CVE-2024-32117 — CVSS 4.9 (medium): An improper limitation of a pathname to a restricted directory ('Path Traversal') vulnerability [CWE-22] in Fortinet FortiManager version…
CVE-2024-33501 — CVSS 4.2 (medium): Two improper neutralization of special elements used in an SQL Command ('SQL Injection') vulnerability [CWE-89] in Fortinet FortiAnalyzer…
CVE-2023-44255 — CVSS 4.1 (medium): An exposure of sensitive information to an unauthorized actor [CWE-200] in Fortinet FortiManager before 7.4.2, FortiAnalyzer before 7.4.2…
CVE-2024-35274 — CVSS 2.3 (low): An improper limitation of a pathname to a restricted directory ('Path Traversal') vulnerability [CWE-22] in Fortinet FortiAnalyzer versions…