Fortinet Fortianalyzer_big_data
13 CVEs affecting Fortinet Fortianalyzer_big_data. Latest disclosed: 2026-03-10. Critical: 0, High: 2.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2024-23666 | High | 7.5 | 2024-11-12 | A client-side enforcement of server-side security in Fortinet FortiAnalyzer-BigData at least version 7.4.0 and 7.2.0 through 7.2.6 and 7.0.1 through 7.0.6 an… |
CVE-2024-40584 | High | 7.2 | 2025-02-11 | An improper neutralization of special elements used in an OS command ('OS Command Injection') vulnerability [CWE-78] in Fortinet FortiAnalyzer version 7.4.0 th… |
CVE-2024-32123 | Medium | 6.7 | 2025-03-11 | Multiple improper neutralization of special elements used in an os command ('os command injection') in Fortinet FortiManager, FortiAnalyzer versions 7.4.0 thro… |
CVE-2024-32118 | Medium | 6.7 | 2024-11-12 | Multiple improper neutralization of special elements used in an OS command ('OS Command Injection') vulnerabilities [CWE-78] in Fortinet FortiManager version 7… |
CVE-2024-31496 | Medium | 6.7 | 2024-11-12 | A stack-based buffer overflow vulnerability [CWE-121] in Fortinet FortiManager version 7.4.0 through 7.4.2 and before 7.2.5, FortiAnalyzer version 7.4.0 throug… |
CVE-2023-41842 | Medium | 6.7 | 2024-03-12 | A use of externally-controlled format string vulnerability [CWE-134] vulnerability in Fortinet allows a privileged attacker to execute unauthorized code or co… |
CVE-2025-49784 | Medium | 6.0 | 2026-03-10 | An improper neutralization of special elements used in an sql command ('sql injection') vulnerability in Fortinet FortiAnalyzer 7.6.0 through 7.6.4, FortiAnaly… |
CVE-2024-32116 | Medium | 5.1 | 2024-11-12 | Multiple relative path traversal vulnerabilities [CWE-23] in Fortinet FortiManager version 7.4.0 through 7.4.2 and before 7.2.5, FortiAnalyzer version 7.4.0 th… |
CVE-2023-44254 | Medium | 5.0 | 2024-09-10 | An authorization bypass through user-controlled key [CWE-639] vulnerability in FortiAnalyzer version 7.4.1 and before 7.2.5 and FortiManager version 7.4.1 and… |
CVE-2024-32117 | Medium | 4.9 | 2024-11-12 | An improper limitation of a pathname to a restricted directory ('Path Traversal') vulnerability [CWE-22] in Fortinet FortiManager version 7.4.0 through 7.4.2 a… |
CVE-2024-33501 | Medium | 4.2 | 2025-03-11 | Two improper neutralization of special elements used in an SQL Command ('SQL Injection') vulnerability [CWE-89] in Fortinet FortiAnalyzer version 7.4.0 through… |
CVE-2023-44255 | Medium | 4.1 | 2024-11-12 | An exposure of sensitive information to an unauthorized actor [CWE-200] in Fortinet FortiManager before 7.4.2, FortiAnalyzer before 7.4.2 and FortiAnalyzer-Big… |
CVE-2024-35274 | Low | 2.3 | 2024-11-12 | An improper limitation of a pathname to a restricted directory ('Path Traversal') vulnerability [CWE-22] in Fortinet FortiAnalyzer versions below 7.4.2, Fortin… |