NotCVE - vendor:"Fortinet" product:"FortiAnalyzer" version:" >= 7.2.2 <= 7.2.5"

Page 6 of 27 results (0.006 seconds)

CVSS: 4.6EPSS: 0%CPEs: 3EXPL: 0

CVE-2023-23776

https://notcve.org/view.php?id=CVE-2023-23776

An exposure of sensitive information to an unauthorized actor [CWE-200] vulnerability in FortiAnalyzer versions 7.2.0 through 7.2.1, 7.0.0 through 7.0.4 and 6.4.0 through 6.4.10 may allow a remote authenticated attacker to read the client machine password in plain text in a heartbeat response when a log-fetch request is made from the FortiAnalyzer • https://fortiguard.com/psirt/FG-IR-22-447 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-312: Cleartext Storage of Sensitive Information •

CVSS: 7.3EPSS: 0%CPEs: 2EXPL: 0

CVE-2023-25611

https://notcve.org/view.php?id=CVE-2023-25611

A improper neutralization of formula elements in a CSV file vulnerability in Fortinet FortiAnalyzer 6.4.0 - 6.4.9, 7.0.0 - 7.0.5, and 7.2.0 - 7.2.1 allows local attacker to execute unauthorized code or commands via inserting spreadsheet formulas in macro names. • https://fortiguard.com/psirt/FG-IR-22-488 • CWE-1236: Improper Neutralization of Formula Elements in a CSV File •

1...4 5 6