The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.

Computer vulnerabilities of Fortinet FortiAnalyzer Virtual Appliance

FortiOS, FortiAnalyzer, FortiManager: denial of service via Slow HTTP
An attacker can trigger a fatal error via Slow HTTP of FortiOS, FortiAnalyzer, FortiManager, in order to trigger a denial of service...
CERTFR-2020-AVI-068, CVE-2019-17657, FG-IR-19-013, VIGILANCE-VUL-31506
FortiOS: information disclosure via Backup Hard-coded Cryptographic Key
An attacker can bypass access restrictions to data via Backup Hard-coded Cryptographic Key of FortiOS, in order to obtain sensitive information...
CERTFR-2019-AVI-584, CVE-2019-6693, FG-IR-19-007, VIGILANCE-VUL-30915
Linux kernel: denial of service via TCP SACK Low MSS Panic
An attacker can send malicious TCP SACK Low MSS Panic packets to Linux kernel, in order to trigger a denial of service...
1074268, 1442037, ARUBA-PSA-2020-010, CERTFR-2019-AVI-276, CERTFR-2019-AVI-277, CERTFR-2019-AVI-278, CERTFR-2019-AVI-298, CERTFR-2019-AVI-303, CERTFR-2019-AVI-309, CERTFR-2019-AVI-429, CERTFR-2019-AVI-458, CERTFR-2019-AVI-561, CERTFR-2019-AVI-597, CERTFR-2020-AVI-575, cpujan2020, CTX256725, CVE-2019-11477, DLA-1823-1, DLA-1824-1, DSA-2019-117, DSA-4465-1, FEDORA-2019-6c3d89b3d0, FEDORA-2019-914542e05c, FG-IR-19-180, K78234183, openSUSE-SU-2019:1570-1, openSUSE-SU-2019:1571-1, openSUSE-SU-2019:1579-1, PAN-SA-2019-0013, RHSA-2019:1479-01, RHSA-2019:1480-01, RHSA-2019:1481-01, RHSA-2019:1482-01, RHSA-2019:1483-01, RHSA-2019:1484-01, RHSA-2019:1485-01, RHSA-2019:1486-01, RHSA-2019:1487-01, RHSA-2019:1488-01, RHSA-2019:1489-01, RHSA-2019:1490-01, RHSA-2019:1602-01, SA44193, SB10287, sk156192, SSA-462066, SSB-439005, SUSE-SU-2019:14089-1, SUSE-SU-2019:1527-1, SUSE-SU-2019:1529-1, SUSE-SU-2019:1530-1, SUSE-SU-2019:1532-1, SUSE-SU-2019:1533-1, SUSE-SU-2019:1534-1, SUSE-SU-2019:1535-1, SUSE-SU-2019:1536-1, SUSE-SU-2019:1550-1, SUSE-SU-2019:1692-1, SUSE-SU-2019:2430-1, SUSE-SU-2019:2450-1, SUSE-SU-2019:2950-1, SYMSA1492, Synology-SA-19:28, USN-4017-1, USN-4017-2, VIGILANCE-VUL-29543, VMSA-2019-0010, VMSA-2019-0010.1, VU#905115
Linux kernel: denial of service via TCP SACK Low MSS Resource
An attacker can trigger a fatal error via TCP SACK Low MSS Resource of the Linux kernel, in order to trigger a denial of service...
1074268, 6365341, ARUBA-PSA-2020-010, CERTFR-2019-AVI-277, CERTFR-2019-AVI-278, CERTFR-2019-AVI-298, CERTFR-2019-AVI-300, CERTFR-2019-AVI-429, CERTFR-2019-AVI-458, CERTFR-2019-AVI-597, CERTFR-2020-AVI-575, CERTFR-2021-AVI-146, cpujan2020, CVE-2019-11479, DLA-1823-1, DLA-1824-1, DSA-2019-117, DSA-4465-1, FEDORA-2019-6c3d89b3d0, FEDORA-2019-914542e05c, FG-IR-19-180, HPESBST04140, K35421172, openSUSE-SU-2019:1570-1, openSUSE-SU-2019:1571-1, openSUSE-SU-2019:1579-1, PAN-SA-2019-0013, RHSA-2019:1479-01, RHSA-2019:1480-01, RHSA-2019:1481-01, RHSA-2019:1482-01, RHSA-2019:1483-01, RHSA-2019:1484-01, RHSA-2019:1485-01, RHSA-2019:1486-01, RHSA-2019:1487-01, RHSA-2019:1488-01, RHSA-2019:1489-01, RHSA-2019:1490-01, RHSA-2019:1602-01, SA44193, SB10287, sk156192, SSA-462066, SSB-439005, SUSE-SU-2019:14089-1, SUSE-SU-2019:1527-1, SUSE-SU-2019:1529-1, SUSE-SU-2019:1530-1, SUSE-SU-2019:1532-1, SUSE-SU-2019:1533-1, SUSE-SU-2019:1534-1, SUSE-SU-2019:1535-1, SUSE-SU-2019:1536-1, SUSE-SU-2019:1550-1, SUSE-SU-2019:1692-1, SUSE-SU-2019:2430-1, SYMSA1492, Synology-SA-19:28, USN-4041-1, USN-4041-2, VIGILANCE-VUL-29546, VU#905115
Linux kernel: denial of service via TCP SACK Fragmented Retransmission Queue
An attacker can trigger a fatal error via TCP SACK Fragmented Retransmission Queue of the Linux kernel, in order to trigger a denial of service...
1074268, ARUBA-PSA-2020-010, CERTFR-2019-AVI-276, CERTFR-2019-AVI-277, CERTFR-2019-AVI-278, CERTFR-2019-AVI-298, CERTFR-2019-AVI-303, CERTFR-2019-AVI-309, CERTFR-2019-AVI-337, CERTFR-2019-AVI-429, CERTFR-2019-AVI-458, CERTFR-2019-AVI-597, CERTFR-2020-AVI-575, cpujan2020, CTX256725, CVE-2019-11478, DLA-1823-1, DLA-1824-1, DSA-2019-117, DSA-4465-1, FEDORA-2019-6c3d89b3d0, FEDORA-2019-914542e05c, FG-IR-19-180, K26618426, openSUSE-SU-2019:1570-1, openSUSE-SU-2019:1571-1, openSUSE-SU-2019:1579-1, PAN-SA-2019-0013, RHSA-2019:1479-01, RHSA-2019:1480-01, RHSA-2019:1481-01, RHSA-2019:1482-01, RHSA-2019:1483-01, RHSA-2019:1484-01, RHSA-2019:1485-01, RHSA-2019:1486-01, RHSA-2019:1487-01, RHSA-2019:1488-01, RHSA-2019:1489-01, RHSA-2019:1490-01, RHSA-2019:1602-01, SA44193, SB10287, sk156192, SSA-462066, SSB-439005, SUSE-SU-2019:14089-1, SUSE-SU-2019:1527-1, SUSE-SU-2019:1529-1, SUSE-SU-2019:1530-1, SUSE-SU-2019:1532-1, SUSE-SU-2019:1533-1, SUSE-SU-2019:1534-1, SUSE-SU-2019:1535-1, SUSE-SU-2019:1536-1, SUSE-SU-2019:1550-1, SUSE-SU-2019:1692-1, SUSE-SU-2019:1851-1, SUSE-SU-2019:1855-1, SUSE-SU-2019:2430-1, SUSE-SU-2019:2450-1, SYMSA1492, Synology-SA-19:28, USN-4017-1, USN-4017-2, VIGILANCE-VUL-29544, VMSA-2019-0010, VMSA-2019-0010.1, VU#905115
PostgreSQL: code execution via COPY TO/FROM PROGRAM
An attacker can use a vulnerability via COPY TO/FROM PROGRAM of PostgreSQL, in order to run code...
CERTFR-2020-AVI-395, CVE-2019-9193, FG-IR-19-294, VIGILANCE-VUL-28918
FortiAnalyzer: Cross Site Scripting via DHCP Hostname Parameter
An attacker can trigger a Cross Site Scripting via DHCP Hostname Parameter of FortiAnalyzer, in order to run JavaScript code in the context of the web site...
CERTFR-2018-AVI-560, CVE-2018-13375, FG-IR-18-121, VIGILANCE-VUL-27825
FortiAnalyzer, FortiManager: Cross Site Scripting via CA And CRL Certificate View Page
An attacker can trigger a Cross Site Scripting via CA And CRL Certificate View Page of FortiAnalyzer/FortiManager, in order to run JavaScript code in the context of the web site...
CERTFR-2018-AVI-326, CVE-2017-17541, FG-IR-17-305, VIGILANCE-VUL-26643
FortiAnalyzer, FortiManager: open redirect via PDF File
An attacker can deceive the user via PDF File of FortiAnalyzer/FortiManager, in order to redirect him to a malicious site...
CERTFR-2018-AVI-303, CVE-2018-1355, FG-IR-18-022, VIGILANCE-VUL-26527
FortiAnalyzer, FortiManager: Cross Site Scripting via Avatar Picture
An attacker can trigger a Cross Site Scripting via Avatar Picture of FortiAnalyzer/FortiManager, in order to run JavaScript code in the context of the web site...
CERTFR-2018-AVI-303, CVE-2018-1354, FG-IR-18-014, VIGILANCE-VUL-26526
Our database contains other pages. You can request a free trial to read them.

Display information about Fortinet FortiAnalyzer Virtual Appliance: