Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY
Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY
Products Best Practices Hardware Guides Products A-Z
Summary
By Solution
By 4D Pillars
By Cloud
Secure Networking
Unified SASE
Security Operations
Secure SD-WAN
Secure Access Service Edge (SASE)
ZTNA
LAN Edge
Identity and Access Management
Next Generation Firewall
Public Cloud
Private Cloud
FortiCloud
Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
    • More >>
    Unified SASE
  • Single Vendor SASE
  • Cloud Network Security
  • Secure Endpoint Connectivity
  • Web Application / API Protection
    • More >>
    Security Operations
  • Security Operations Automation
  • Identity
  • Early Detection & Prevention
    • More >>
    Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
  • Communication & Surveillance
    • Unified SASE
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Cloud Network Security
  • Cloud-Native Security
  • Web Application / API Protection
    • Security Operations
  • Security Operations Automation
  • Endpoint
  • Data Protection
  • Identity
  • Email
  • Early Detection & Prevention
  • Expert Services
  • Edge Firewall
  • Orchestration & management
  • SD Branch
  • Application Delivery
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Secure Private Access
  • Thin Edge
  • Identity
  • Application Gateway
  • Enterprise Asset Management
  • Endpoint Agent
  • Agentless Security Posture
  • Identity
  • Wireless
  • Switching
  • Identity
  • Privilege Acccess Management
  • Next Generation Firewall
  • Orchestration & management
  • Expert Services
  • All
  • All
  • Account Management
  • SAAS Management
  • SAAS Application Security
  • Managed Services
  • Platform as a service (PAAS)
  • Other SAAS Services
    • 4D Resources
    Solution Hubs
  • 4D Pillars
  • Cloud
  • Popular Solutions

    • User Guide

    Home FortiDAST 24.1.0 User Guide
    24.1.0
    24.3.a
    24.3.0
    24.2.0
    24.1.0
    23.4.0
    23.3.a
    23.3.0
    23.2.0
    23.1.a
    23.1.0

    Outbreak Alerts

    Outbreak Alerts

    Click Outbreak Alerts in the top right corner of the dashboard page to view all the outbreak alerts detected in the top 5 assets scanned.

    Click on the name of the alert to access additional information. Each alert in the Outbreak Alerts pane includes:

    • Name of the alert

    • Severity level

    • Last revised date

    • Description of the vulnerability

    Following are the supported vulnerabilities for outbreak alerts in FortiDAST.

    CVE

    Vulnerability
    CVE-2021-26085 Atlassian Confluence Server Pre-Authorization Arbitrary File Read Vulnerability.
    CVE-2021-26086 Atlassian JIRA Path Traversal Vulnerability.
    CVE-2022-0543 Debian-specific Redis Server Lua Sandbox Escape Vulnerability.

    CVE-2022-22963

    Spring Cloud Function 3.1.6, 3.2.2 and older Remote Code Execution Vulnerability.

    CVE-2022-22965

    Spring Framework 5.2.x/5.3.x Remote Code Execution Vulnerability.

    CVE-2022-22980

    Spring Data MongoDB SpEL Expression injection vulnerability through annotated repository query methods.

    CVE-2022-35914

    GLPI PHP code injection via htmlawed module.

    CVE-2023-23752

    Joomla improper access check.

    CVE-202-22205

    Remote Code Execution vulnerability in Gitlab CE/E.

    CVE-2021-44228

    Apache Log4j JNDI Injection (aka Log4Shell).

    CVE-2021-22005

    VMware vCenter Server 6.7 - 6.7 Update 3o and 7.0 - 7.0 Update 2c Customer Experience Improvement Program (CEIP) service unauthenticated arbitrary file upload vulnerability.

    CVE-2021-21974

    VMWare ESXi OpenSLP Unauthenticated Remote Code Execution.

    CVE-2021-45046

    Apache-log4j-jndi-injection-log4shell-bypass.

    CVE-2021-40539

    Zoho ManageEngine ADSelfService Plus authentication bypass vulnerability.

    CVE-2021-41773

    Apache HTTP Server Path Traversal.

    CVE-2021-42013

    Apache HTTP Server 2.4.50 Path Traversal.

    CVE-2022-41082

    Microsoft Exchange Proxynotshell Remote Code Execution.

    CVE-2022-46169

    Cacti command injection vulnerability.

    CVE-2023-28121

    WooCommerce Payment WordPress Plugin authentication bypass to gain administrative privileges.

    CVE-2023-35078

    MobileIron Core Unauthenticated API Access Vulnerability.

    CVE-2023-27350

    PaperCut MF/NG Improper Access Control Vulnerability.

    CVE-2021-35394

    Realtek Jungle SDK Remote Code Execution Vulnerability.

    CVE-2023-33246

    Apache RocketMQ Remote Code Execution Vulnerability.

    CVE-2023-1389

    TP-Link Archer AX-21 Command Injection Vulnerability.

    CVE-2023-42793

    JetBrains TeamCity Authentication Bypass Attack.

    CVE-2022-29303

    SolarView Compact Command Injection Vulnerability.

    CVE-2017-11317

    Progress Telerik UI Attack.

    CVE-2023-4966

    Citrix Bleed Attack.

    CVE-2023-26360

    Adobe ColdFusion Deserialization of Untrusted Data Vulnerabilities.

    CVE-2018-9995

    TBK DVR Authentication Bypass Attack.

    CVE-2023-20887

    VMware Aria Operations for Networks Command Injection Vulnerability.

    CVE-2024-20767

    ColdFusion versions 2023.6, 2021.12 and earlier are affected by an Improper Access Control.

    CVE-2024-27198

    A critical authentication bypass vulnerability in the web component of JetBrains TeamCity versions before 2023.11.4.

    CVE-2024-3400

    Palo Alto Networks PAN-OS Command Injection Vulnerability.

    CVE-2022-4257

    Unauthorized RCE vulnerability in the C-Data web management system.

    CVE-2024-24919

    Arbitrary File Read in Check Point SVN, which allows an attacker to read certain information on Check Point Security.

    CVE-2024-1709

    ConnectWise ScreenConnect 23.9.7 and prior are affected by an Authentication Bypass to RCE.

    CVE-2024-3273

    A vulnerability in D-Link NAS devices that allows remote attackers to execute arbitrary commands via a crafted HTTP request to the cgi-bin/nas_sharing.cgi endpoint.

    CVE-2021-40655

    Sensitive information disclosure vulnerability in D-Link dir-605 Hardware.

    CVE-2014-100005

    D-Link DIR-600 routers with firmware before 2.17b02 has Cross-Site Request Forgery.

    Notes:

    • To detect Debian-specific Redis vulnerability - CVE-2022-0543 as an outbreak alert, FortiDAST Scripting Engine (FSE) must be enabled.

    • To detect CVE-2021-26085 or CVE-2021-26086 as an outbreak alert, you must add the base URL of Atlassian Confluence or JIRA as target respectively.

    Previous
    Next

    Outbreak Alerts

    Outbreak Alerts

    Click Outbreak Alerts in the top right corner of the dashboard page to view all the outbreak alerts detected in the top 5 assets scanned.

    Click on the name of the alert to access additional information. Each alert in the Outbreak Alerts pane includes:

    • Name of the alert

    • Severity level

    • Last revised date

    • Description of the vulnerability

    Following are the supported vulnerabilities for outbreak alerts in FortiDAST.

    CVE

    Vulnerability
    CVE-2021-26085 Atlassian Confluence Server Pre-Authorization Arbitrary File Read Vulnerability.
    CVE-2021-26086 Atlassian JIRA Path Traversal Vulnerability.
    CVE-2022-0543 Debian-specific Redis Server Lua Sandbox Escape Vulnerability.

    CVE-2022-22963

    Spring Cloud Function 3.1.6, 3.2.2 and older Remote Code Execution Vulnerability.

    CVE-2022-22965

    Spring Framework 5.2.x/5.3.x Remote Code Execution Vulnerability.

    CVE-2022-22980

    Spring Data MongoDB SpEL Expression injection vulnerability through annotated repository query methods.

    CVE-2022-35914

    GLPI PHP code injection via htmlawed module.

    CVE-2023-23752

    Joomla improper access check.

    CVE-202-22205

    Remote Code Execution vulnerability in Gitlab CE/E.

    CVE-2021-44228

    Apache Log4j JNDI Injection (aka Log4Shell).

    CVE-2021-22005

    VMware vCenter Server 6.7 - 6.7 Update 3o and 7.0 - 7.0 Update 2c Customer Experience Improvement Program (CEIP) service unauthenticated arbitrary file upload vulnerability.

    CVE-2021-21974

    VMWare ESXi OpenSLP Unauthenticated Remote Code Execution.

    CVE-2021-45046

    Apache-log4j-jndi-injection-log4shell-bypass.

    CVE-2021-40539

    Zoho ManageEngine ADSelfService Plus authentication bypass vulnerability.

    CVE-2021-41773

    Apache HTTP Server Path Traversal.

    CVE-2021-42013

    Apache HTTP Server 2.4.50 Path Traversal.

    CVE-2022-41082

    Microsoft Exchange Proxynotshell Remote Code Execution.

    CVE-2022-46169

    Cacti command injection vulnerability.

    CVE-2023-28121

    WooCommerce Payment WordPress Plugin authentication bypass to gain administrative privileges.

    CVE-2023-35078

    MobileIron Core Unauthenticated API Access Vulnerability.

    CVE-2023-27350

    PaperCut MF/NG Improper Access Control Vulnerability.

    CVE-2021-35394

    Realtek Jungle SDK Remote Code Execution Vulnerability.

    CVE-2023-33246

    Apache RocketMQ Remote Code Execution Vulnerability.

    CVE-2023-1389

    TP-Link Archer AX-21 Command Injection Vulnerability.

    CVE-2023-42793

    JetBrains TeamCity Authentication Bypass Attack.

    CVE-2022-29303

    SolarView Compact Command Injection Vulnerability.

    CVE-2017-11317

    Progress Telerik UI Attack.

    CVE-2023-4966

    Citrix Bleed Attack.

    CVE-2023-26360

    Adobe ColdFusion Deserialization of Untrusted Data Vulnerabilities.

    CVE-2018-9995

    TBK DVR Authentication Bypass Attack.

    CVE-2023-20887

    VMware Aria Operations for Networks Command Injection Vulnerability.

    CVE-2024-20767

    ColdFusion versions 2023.6, 2021.12 and earlier are affected by an Improper Access Control.

    CVE-2024-27198

    A critical authentication bypass vulnerability in the web component of JetBrains TeamCity versions before 2023.11.4.

    CVE-2024-3400

    Palo Alto Networks PAN-OS Command Injection Vulnerability.

    CVE-2022-4257

    Unauthorized RCE vulnerability in the C-Data web management system.

    CVE-2024-24919

    Arbitrary File Read in Check Point SVN, which allows an attacker to read certain information on Check Point Security.

    CVE-2024-1709

    ConnectWise ScreenConnect 23.9.7 and prior are affected by an Authentication Bypass to RCE.

    CVE-2024-3273

    A vulnerability in D-Link NAS devices that allows remote attackers to execute arbitrary commands via a crafted HTTP request to the cgi-bin/nas_sharing.cgi endpoint.

    CVE-2021-40655

    Sensitive information disclosure vulnerability in D-Link dir-605 Hardware.

    CVE-2014-100005

    D-Link DIR-600 routers with firmware before 2.17b02 has Cross-Site Request Forgery.

    Notes:

    • To detect Debian-specific Redis vulnerability - CVE-2022-0543 as an outbreak alert, FortiDAST Scripting Engine (FSE) must be enabled.

    • To detect CVE-2021-26085 or CVE-2021-26086 as an outbreak alert, you must add the base URL of Atlassian Confluence or JIRA as target respectively.

    Previous
    Next