296,489
Total vulnerabilities in the database
Two improper neutralization of special elements used in an SQL Command ('SQL Injection') vulnerability [CWE-89] in Fortinet FortiAnalyzer version 7.4.0 through 7.4.2 and before 7.2.5, FortiManager version 7.4.0 through 7.4.2 and before 7.2.5 and FortiAnalyzer-BigData version 7.4.0 and before 7.2.7 allows a privileged attacker to execute unauthorized code or commands via specifically crafted CLI requests.
Software | From | Fixed in |
---|---|---|
fortinet / fortianalyzer | 7.4.0 | 7.4.3 |
fortinet / fortianalyzer | 6.4.0 | 7.2.6 |
fortinet / fortianalyzer_big_data | 7.4.0 | 7.4.0.x |
fortinet / fortianalyzer_big_data | 6.4.5 | 7.2.8 |
fortinet / fortimanager | 7.4.0 | 7.4.3 |
fortinet / fortimanager | 6.0.10 | 6.0.12.x |
fortinet / fortimanager | 6.2.8 | 7.2.6 |