Outbreak Alerts

Click Outbreak Alerts in the top right corner of the dashboard page to view all the outbreak alerts detected in the top 5 assets scanned.

Click on the name of the alert to access additional information. Each alert in the Outbreak Alerts pane includes:

  • Name of the alert

  • Severity level

  • Last revised date

  • Description of the vulnerability

The following vulnerabilities are supported for outbreak alerts in FortiDAST.

| CVE | Vulnerability |
|---|---|
| CVE-2021-26085 | Atlassian Confluence Server Pre-Authorization Arbitrary File Read Vulnerability. |
| CVE-2021-26086 | Atlassian JIRA Path Traversal Vulnerability. |
| CVE-2022-0543 | Debian-specific Redis Server Lua Sandbox Escape Vulnerability. |
| CVE-2022-22963 | Spring Cloud Function 3.1.6, 3.2.2 and older Remote Code Execution Vulnerability. |
| CVE-2022-22965 | Spring Framework 5.2.x/5.3.x Remote Code Execution Vulnerability. |
| CVE-2022-22980 | Spring Data MongoDB SpEL Expression injection vulnerability through annotated repository query methods. |
| CVE-2022-35914 | GLPI PHP code injection via htmlawed module. |
| CVE-2023-23752 | Joomla improper access check. |
| CVE-202-22205 | Remote Code Execution vulnerability in GitLab CE/E. |
| CVE-2021-44228 | Apache Log4j JNDI Injection (aka Log4Shell). |
| CVE-2021-22005 | VMware vCenter Server 6.7 - 6.7 Update 3o and 7.0 - 7.0 Update 2c Customer Experience Improvement Program (CEIP) service unauthenticated arbitrary file upload vulnerability. |
| CVE-2021-21974 | VMware ESXi OpenSLP Unauthenticated Remote Code Execution. |
| CVE-2021-45046 | Apache Log4j JNDI Injection Log4Shell Bypass. |
| CVE-2021-40539 | Zoho ManageEngine ADSelfService Plus authentication bypass vulnerability. |
| CVE-2021-41773 | Apache HTTP Server Path Traversal. |
| CVE-2021-42013 | Apache HTTP Server 2.4.50 Path Traversal. |
| CVE-2022-41082 | Microsoft Exchange ProxyNotShell Remote Code Execution. |
| CVE-2022-46169 | Cacti command injection vulnerability. |
| CVE-2023-28121 | WooCommerce Payment WordPress Plugin authentication bypass to gain administrative privileges. |
| CVE-2023-35078 | MobileIron Core Unauthenticated API Access Vulnerability. |
| CVE-2023-27350 | PaperCut MF/NG Improper Access Control Vulnerability. |
| CVE-2021-35394 | Realtek Jungle SDK Remote Code Execution Vulnerability. |
| CVE-2023-33246 | Apache RocketMQ Remote Code Execution Vulnerability. |
| CVE-2023-1389 | TP-Link Archer AX-21 Command Injection Vulnerability. |
| CVE-2023-42793 | JetBrains TeamCity Authentication Bypass Attack. |
| CVE-2022-29303 | SolarView Compact Command Injection Vulnerability. |
| CVE-2017-11317 | Progress Telerik UI Attack. |
| CVE-2023-4966 | Citrix Bleed Attack. |
| CVE-2023-26360 | Adobe ColdFusion Deserialization of Untrusted Data Vulnerabilities. |
| CVE-2018-9995 | TBK DVR Authentication Bypass Attack. |
| CVE-2023-20887 | VMware Aria Operations for Networks Command Injection Vulnerability. |
| CVE-2024-20767 | ColdFusion versions 2023.6, 2021.12 and earlier are affected by an Improper Access Control vulnerability. |
| CVE-2024-27198 | A critical authentication bypass vulnerability in the web component of JetBrains TeamCity versions before 2023.11.4. |
| CVE-2024-3400 | Palo Alto Networks PAN-OS Command Injection Vulnerability. |
| CVE-2022-4257 | Unauthorized RCE vulnerability in the C-Data web management system. |
| CVE-2024-24919 | Arbitrary File Read in Check Point SVN, which allows an attacker to read certain information on Check Point Security. |
| CVE-2024-1709 | ConnectWise ScreenConnect 23.9.7 and prior are affected by an Authentication Bypass to RCE. |
| CVE-2024-3273 | A vulnerability in D-Link NAS devices that allows remote attackers to execute arbitrary commands via a crafted HTTP request to the cgi-bin/nas_sharing.cgi endpoint. |
| CVE-2021-40655 | Sensitive information disclosure vulnerability in D-Link dir-605 Hardware. |
| CVE-2014-100005 | D-Link DIR-600 routers with firmware before 2.17b02 have a Cross-Site Request Forgery vulnerability. |
| CVE-2024-4577 | A critical PHP remote code execution vulnerability. |
| CVE-2022-40881 | SolarView Compact 6.00 was discovered to contain a command injection vulnerability via network_test.php. |
| CVE-2024-4879 | Jelly Template Injection on ServiceNow. |
| CVE-2024-5217 | ServiceNow - Incomplete Input Validation. |
| CVE-2023-29298 | Adobe ColdFusion Access Control Bypass. |
| CVE-2023-38205 | |
| CVE-2024-36104 | Apache OFBiz - Path Traversal. |
| CVE-2024-38856 | Apache OFBiz - Remote Code Execution. |
| CVE-2024-22024 | An XXE vulnerability in the SAML component of Ivanti Connect Secure, Ivanti Policy Secure and ZTA gateway. |
| CVE-2024-21893 | A server-side request forgery vulnerability in the SAML component of Ivanti Connect Secure. |

Notes:

  • To detect the Debian-specific Redis vulnerability (CVE-2022-0543) as an outbreak alert, the FortiDAST Scripting Engine (FSE) must be enabled.

  • To detect CVE-2021-26085 or CVE-2021-26086 as an outbreak alert, you must add the base URL of Atlassian Confluence or JIRA, respectively, as the target.
