Total vulnerabilities in the database
An improper limitation of a pathname to a restricted directory ('Path Traversal') vulnerability [CWE-22] in Fortinet FortiAnalyzer versions below 7.4.2, Fortinet FortiManager versions below 7.4.2 and Fortinet FortiAnalyzer-BigData version 7.4.0 and below 7.2.7 allows a privileged attacker with read write administrative privileges to create non-arbitrary files on a chosen directory via crafted CLI requests.
| Software | From | Fixed in |
|---|---|---|
| fortinet / fortianalyzer | 6.2.0 | 7.4.3 |
| fortinet / fortimanager | 6.2.0 | 7.4.3 |
| fortinet / fortianalyzer_big_data | 6.2.1 | 7.4.1 |