Fortinet Fortianalyzer Big Data
Don't miss out!
Thousands of developers use stack.watch to stay informed.Get an email whenever new security vulnerabilities are reported in Fortinet Fortianalyzer Big Data.
By the Year
In 2025 there have been 0 vulnerabilities in Fortinet Fortianalyzer Big Data. Last year, in 2024 Fortianalyzer Big Data had 8 security vulnerabilities published. Right now, Fortianalyzer Big Data is on track to have less security vulnerabilities in 2025 than it did last year.
Year | Vulnerabilities | Average Score |
---|---|---|
2025 | 0 | 0.00 |
2024 | 8 | 5.75 |
2023 | 0 | 0.00 |
2022 | 0 | 0.00 |
2021 | 0 | 0.00 |
2020 | 0 | 0.00 |
2019 | 0 | 0.00 |
2018 | 0 | 0.00 |
It may take a day or so for new Fortianalyzer Big Data vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Fortinet Fortianalyzer Big Data Security Vulnerabilities
Fortinet FortiAnalyzer/FortiManager Path Traversal Vulnerability
CVE-2024-35274
2.3 - Low
- November 12, 2024
An improper limitation of a pathname to a restricted directory ('Path Traversal') vulnerability [CWE-22] in Fortinet FortiAnalyzer versions below 7.4.2, Fortinet FortiManager versions below 7.4.2 and Fortinet FortiAnalyzer-BigData version 7.4.0 and below 7.2.7 allows a privileged attacker with read write administrative privileges to create non-arbitrary files on a chosen directory via crafted CLI requests.
Directory traversal
Fortinet FortiManager/FortiAnalyzer OS Command Injection Vulnerability
CVE-2024-32118
6.7 - Medium
- November 12, 2024
Multiple improper neutralization of special elements used in an OS command ('OS Command Injection') vulnerabilities [CWE-78] in Fortinet FortiManager version 7.4.0 through 7.4.2 and before 7.2.5, Fortinet FortiAnalyzer version 7.4.0 through 7.4.2 and before 7.2.5 and Fortinet FortiAnalyzer-BigData before 7.4.0 allows an authenticated privileged attacker to execute unauthorized code or commands via crafted CLI requests.
Shell injection
Fortinet FortiManager/FortiAnalyzer Path Traversal Vulnerability
CVE-2024-32117
4.9 - Medium
- November 12, 2024
An improper limitation of a pathname to a restricted directory ('Path Traversal') vulnerability [CWE-22] in Fortinet FortiManager version 7.4.0 through 7.4.2 and below 7.2.5, FortiAnalyzer version 7.4.0 through 7.4.2 and below 7.2.5 & FortiAnalyzer-BigData version 7.4.0 and below 7.2.7 allows a privileged attacker to read arbitrary files from the underlying system via crafted HTTP or HTTPs requests.
Directory traversal
Fortinet FortiManager/FortiAnalyzer/FortiAnalyzer-BigData: Multiple Relative Path Traversal Vulnerab
CVE-2024-32116
6 - Medium
- November 12, 2024
Multiple relative path traversal vulnerabilities [CWE-23] in Fortinet FortiManager version 7.4.0 through 7.4.2 and before 7.2.5, FortiAnalyzer version 7.4.0 through 7.4.2 and before 7.2.5 and FortiAnalyzer-BigData version 7.4.0 and before 7.2.7 allows a privileged attacker to delete files from the underlying filesystem via crafted CLI requests.
Directory traversal
Fortinet FortiManager/FortiAnalyzer Stack-Based Buffer Overflow Vulnerability
CVE-2024-31496
6.7 - Medium
- November 12, 2024
A stack-based buffer overflow vulnerability [CWE-121] in Fortinet FortiManager version 7.4.0 through 7.4.2 and before 7.2.5, FortiAnalyzer version 7.4.0 through 7.4.2 and before 7.2.5 and FortiAnalyzer-BigData 7.4.0 and before 7.2.7 allows a privileged attacker to execute unauthorized code or commands via crafted CLI requests.
Memory Corruption
Fortinet FortiAnalyzer-BigData: Client-Side Enforcement of Server-Side Security Vulnerability
CVE-2024-23666
8.8 - High
- November 12, 2024
A client-side enforcement of server-side security in Fortinet FortiAnalyzer-BigData at least version 7.4.0 and 7.2.0 through 7.2.6 and 7.0.1 through 7.0.6 and 6.4.5 through 6.4.7 and 6.2.5, FortiManager version 7.4.0 through 7.4.1 and 7.2.0 through 7.2.4 and 7.0.0 through 7.0.11 and 6.4.0 through 6.4.14, FortiAnalyzer version 7.4.0 through 7.4.1 and 7.2.0 through 7.2.4 and 7.0.0 through 7.0.11 and 6.4.0 through 6.4.14 allows attacker to improper access control via crafted requests.
Client-Side Enforcement of Server-Side Security
An exposure of sensitive information to an unauthorized actor [CWE-200] in Fortinet FortiManager before 7.4.2, FortiAnalyzer before 7.4.2 and FortiAnalyzer-BigData before 7.2.5 may
CVE-2023-44255
4.1 - Medium
- November 12, 2024
An exposure of sensitive information to an unauthorized actor [CWE-200] in Fortinet FortiManager before 7.4.2, FortiAnalyzer before 7.4.2 and FortiAnalyzer-BigData before 7.2.5 may allow a privileged attacker with administrative read permissions to read event logs of another adom via crafted HTTP or HTTPs requests.
Privacy violation
An authorization bypass through user-controlled key [CWE-639] vulnerability in FortiAnalyzer version 7.4.1 and before 7.2.5 and FortiManager version 7.4.1 and before 7.2.5 may
CVE-2023-44254
6.5 - Medium
- September 10, 2024
An authorization bypass through user-controlled key [CWE-639] vulnerability in FortiAnalyzer version 7.4.1 and before 7.2.5 and FortiManager version 7.4.1 and before 7.2.5 may allow a remote attacker with low privileges to read sensitive data via a crafted HTTP request.
Insecure Direct Object Reference / IDOR
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Fortinet Fortianalyzer Big Data or by Fortinet? Click the Watch button to subscribe.