
User Interface Overview

The FortiDAST solution provides an interactive, easy-to-use GUI that simplifies vulnerability assessment. The GUI home page contains 3 sections, accessible from the left navigation menu.

Section         Description

Dashboard       The dashboard displays the overall statistics and details for a scanned asset. See Dashboard.

Scans Policy    The scans policy page allows you to add assets, authorize them, and scan them for vulnerabilities. The IP address/FQDN of the web application and the port are inputs on this page. The authorization and scan status of the assets are also displayed here. You can also configure the scanner for vulnerability assessment. See Vulnerability Assessment (scanning) of an Asset.

Scans Overview  The scans overview displays the detailed scan result of a vulnerability assessment. See Scans Overview (Scan Result).

Notifications

Click on the icon to view the following notifications; notifications are retained for 7 days.

  • License about to expire
  • License expired
  • Alerts configured in custom settings of email notifications
  • WAF rules generated for the vulnerabilities selected
  • The selected vulnerability is not detected for report generation
  • Scheduled portal upgrade
  • Portal upgrade completed

Outbreak Alerts

FortiGuard Labs constantly monitors for potential security vulnerabilities and designates certain CVEs as outbreak alerts when they are being widely exploited. The outbreak alerts for the top 5 scanned assets can be viewed on the Dashboard page, and asset-specific outbreak alerts can be viewed on the Summary and Vulnerabilities pages.

Each alert in the Outbreak Alerts pane includes:

  • Name of the alert

  • Severity level

  • Last revised date

  • Description of the vulnerability

Following are the supported vulnerabilities for outbreak alerts in FortiDAST.

CVE              Vulnerability

CVE-2021-26085   Atlassian Confluence Server Pre-Authorization Arbitrary File Read Vulnerability.
CVE-2021-26086   Atlassian JIRA Path Traversal Vulnerability.
CVE-2022-0543    Debian-specific Redis Server Lua Sandbox Escape Vulnerability.
CVE-2022-22963   Spring Cloud Function 3.1.6, 3.2.2 and older Remote Code Execution Vulnerability.
CVE-2022-22965   Spring Framework 5.2.x/5.3.x Remote Code Execution Vulnerability.
CVE-2022-22980   Spring Data MongoDB SpEL Expression Injection Vulnerability through annotated repository query methods.
CVE-2022-35914   GLPI PHP Code Injection via htmlawed module.
CVE-2023-23752   Joomla Improper Access Check.
CVE-202-22205    Remote Code Execution Vulnerability in GitLab CE/E.
CVE-2021-44228   Apache Log4j JNDI Injection (aka Log4Shell).
CVE-2021-22005   VMware vCenter Server 6.7 - 6.7 Update 3o and 7.0 - 7.0 Update 2c Customer Experience Improvement Program (CEIP) service unauthenticated arbitrary file upload vulnerability.
CVE-2021-21974   VMware ESXi OpenSLP Unauthenticated Remote Code Execution.
CVE-2021-45046   Apache Log4j JNDI Injection (Log4Shell bypass).
CVE-2021-40539   Zoho ManageEngine ADSelfService Plus Authentication Bypass Vulnerability.
CVE-2021-41773   Apache HTTP Server Path Traversal.
CVE-2021-42013   Apache HTTP Server 2.4.50 Path Traversal.
CVE-2022-41082   Microsoft Exchange ProxyNotShell Remote Code Execution.
CVE-2022-46169   Cacti Command Injection Vulnerability.
CVE-2023-28121   WooCommerce Payments WordPress Plugin authentication bypass to gain administrative privileges.
CVE-2023-35078   MobileIron Core Unauthenticated API Access Vulnerability.
CVE-2023-27350   PaperCut MF/NG Improper Access Control Vulnerability.
CVE-2021-35394   Realtek Jungle SDK Remote Code Execution Vulnerability.
CVE-2023-33246   Apache RocketMQ Remote Code Execution Vulnerability.
CVE-2023-1389    TP-Link Archer AX-21 Command Injection Vulnerability.

Notes:

  • To detect the Debian-specific Redis vulnerability (CVE-2022-0543) as an outbreak alert, the FortiDAST Scripting Engine (FSE) must be enabled.

  • To detect CVE-2021-26085 or CVE-2021-26086 as an outbreak alert, you must add the base URL of Atlassian Confluence or JIRA, respectively, as a target.
