Fortianalyzer-bigdata CVEs and Security Vulnerabilities

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2023-41842	1 Fortinet	5 Fortianalyzer, Fortianalyzer-bigdata, Fortianalyzer Big Data and 2 more	2026-01-14	6.3 Medium
A use of externally-controlled format string vulnerability [CWE-134] vulnerability in Fortinet allows a privileged attacker to execute unauthorized code or commands via specially crafted command arguments.
CVE-2023-42782	1 Fortinet	3 Fortianalyzer, Fortianalyzer-bigdata, Fortimanager	2024-11-21	5 Medium
A insufficient verification of data authenticity vulnerability [CWE-345] in FortiAnalyzer version 7.4.0 and below 7.2.3 allows a remote unauthenticated attacker to send messages to the syslog server of FortiAnalyzer via the knoweldge of an authorized device serial number.

Page 1 of 1.