ByteOS Network

FortiAnalyzer-BigData

Source -

CNA

CNA CVEs -

ADP CVEs -

CISA CVEs -

NVD CVEs -

2Vulnerabilities found

CVE-2025-49784

Assigner-Fortinet, Inc.

View Details

Assigner-Fortinet, Inc.

CVSS Score-5.6||MEDIUM

EPSS-0.05% / 16.39%

7 Day CHG~0.00%

Published-10 Mar, 2026 | 16:44

Updated-12 Mar, 2026 | 21:19

An improper neutralization of special elements used in an sql command ('sql injection') vulnerability in Fortinet FortiAnalyzer 7.6.0 through 7.6.4, FortiAnalyzer 7.4.0 through 7.4.7, FortiAnalyzer 7.2 all versions, FortiAnalyzer 7.0 all versions, FortiAnalyzer 6.4 all versions, FortiAnalyzer-BigData 7.6.0, FortiAnalyzer-BigData 7.4.0 through 7.4.4, FortiAnalyzer-BigData 7.2 all versions, FortiAnalyzer-BigData 7.0 all versions, FortiAnalyzer-BigData 6.4 all versions, FortiAnalyzer-BigData 6.2 all versions may allow an authenticated attacker to execute unauthorized code or commands via specifically crafted requests.

Vendor-Fortinet, Inc.

Product-fortianalyzer fortianalyzer_big_data FortiAnalyzer-BigData FortiAnalyzer

CWE ID-CWE-89

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

CVE-2023-41842

Assigner-Fortinet, Inc.

View Details

Assigner-Fortinet, Inc.

CVSS Score-6.3||MEDIUM

EPSS-0.07% / 22.36%

7 Day CHG~0.00%

Published-12 Mar, 2024 | 15:09

Updated-14 Jan, 2026 | 14:16

A use of externally-controlled format string vulnerability [CWE-134] vulnerability in Fortinet allows a privileged attacker to execute unauthorized code or commands via specially crafted command arguments.

Vendor-Fortinet, Inc.

Product-fortianalyzer_big_data fortimanager fortiportal fortianalyzer FortiAnalyzer FortiManager FortiPortal FortiAnalyzer-BigData fortiportal fortimanager fortianalyzer

CWE ID-CWE-134

Use of Externally-Controlled Format String