Outbreak Alerts
Click Outbreak Alerts in the top right corner of the dashboard page to view all the outbreak alerts detected in the top 5 assets scanned.
Click on the name of the alert to access additional information. Each alert in the Outbreak Alerts pane includes:
-
Name of the alert
-
Severity level
-
Last revised date
-
Description of the vulnerability
Following are the supported vulnerabilities for outbreak alerts in FortiDAST.
CVE |
Vulnerability |
---|---|
CVE-2021-26085 | Atlassian Confluence Server Pre-Authorization Arbitrary File Read Vulnerability. |
CVE-2021-26086 | Atlassian JIRA Path Traversal Vulnerability. |
CVE-2022-0543 | Debian-specific Redis Server Lua Sandbox Escape Vulnerability. |
CVE-2022-22963 |
Spring Cloud Function 3.1.6, 3.2.2 and older Remote Code Execution Vulnerability. |
CVE-2022-22965 |
Spring Framework 5.2.x/5.3.x Remote Code Execution Vulnerability. |
CVE-2022-22980 |
Spring Data MongoDB SpEL Expression injection vulnerability through annotated repository query methods. |
CVE-2022-35914 |
GLPI PHP code injection via htmlawed module. |
CVE-2023-23752 |
Joomla improper access check. |
CVE-202-22205 |
Remote Code Execution vulnerability in Gitlab CE/E. |
CVE-2021-44228 |
Apache Log4j JNDI Injection (aka Log4Shell). |
CVE-2021-22005 |
VMware vCenter Server 6.7 - 6.7 Update 3o and 7.0 - 7.0 Update 2c Customer Experience Improvement Program (CEIP) service unauthenticated arbitrary file upload vulnerability. |
CVE-2021-21974 |
VMWare ESXi OpenSLP Unauthenticated Remote Code Execution. |
CVE-2021-45046 |
Apache-log4j-jndi-injection-log4shell-bypass. |
CVE-2021-40539 |
Zoho ManageEngine ADSelfService Plus authentication bypass vulnerability. |
CVE-2021-41773 |
Apache HTTP Server Path Traversal. |
CVE-2021-42013 |
Apache HTTP Server 2.4.50 Path Traversal. |
CVE-2022-41082 |
Microsoft Exchange Proxynotshell Remote Code Execution. |
CVE-2022-46169 |
Cacti command injection vulnerability. |
CVE-2023-28121 |
WooCommerce Payment WordPress Plugin authentication bypass to gain administrative privileges. |
CVE-2023-35078 |
MobileIron Core Unauthenticated API Access Vulnerability. |
CVE-2023-27350 |
PaperCut MF/NG Improper Access Control Vulnerability. |
CVE-2021-35394 |
Realtek Jungle SDK Remote Code Execution Vulnerability. |
CVE-2023-33246 |
Apache RocketMQ Remote Code Execution Vulnerability. |
CVE-2023-1389 |
TP-Link Archer AX-21 Command Injection Vulnerability. |
CVE-2023-42793 |
JetBrains TeamCity Authentication Bypass Attack. |
CVE-2022-29303 |
SolarView Compact Command Injection Vulnerability. |
CVE-2017-11317 |
Progress Telerik UI Attack. |
CVE-2023-4966 |
Citrix Bleed Attack. |
CVE-2023-26360 |
Adobe ColdFusion Deserialization of Untrusted Data Vulnerabilities. |
CVE-2018-9995 |
TBK DVR Authentication Bypass Attack. |
CVE-2023-20887 |
VMware Aria Operations for Networks Command Injection Vulnerability. |
CVE-2024-20767 |
ColdFusion versions 2023.6, 2021.12 and earlier are affected by an Improper Access Control. |
CVE-2024-27198 |
A critical authentication bypass vulnerability in the web component of JetBrains TeamCity versions before 2023.11.4. |
CVE-2024-3400 |
Palo Alto Networks PAN-OS Command Injection Vulnerability. |
CVE-2022-4257 |
Unauthorized RCE vulnerability in the C-Data web management system. |
CVE-2024-24919 |
Arbitrary File Read in Check Point SVN, which allows an attacker to read certain information on Check Point Security. |
CVE-2024-1709 |
ConnectWise ScreenConnect 23.9.7 and prior are affected by an Authentication Bypass to RCE. |
CVE-2024-3273 |
A vulnerability in D-Link NAS devices that allows remote attackers to execute arbitrary commands via a crafted HTTP request to the cgi-bin/nas_sharing.cgi endpoint. |
CVE-2021-40655 |
Sensitive information disclosure vulnerability in D-Link dir-605 Hardware. |
CVE-2014-100005 |
D-Link DIR-600 routers with firmware before 2.17b02 has Cross-Site Request Forgery. |
CVE-2024-4577 |
A critical PHP remote code execution vulnerability. |
CVE-2022-40881 |
SolarView Compact 6.00 was discovered to contain a command injection vulnerability via network_test.php. |
CVE-2024-4879 |
Jelly Template Injection on ServiceNow. |
CVE-2024-5217 |
ServiceNow - Incomplete Input Validation. |
CVE-2023-29298 |
Adobe ColdFusion Access Control Bypass. |
CVE-2023-38205 |
|
CVE-2024-36104 |
Apache OFBiz - Path Traversal. |
CVE-2024-38856 |
Apache OFBiz - Remote Code Execution. |
CVE-2024-22024 |
A XXE vulnerability in the SAML component of Ivanti Connect Secure, Ivanti Policy Secure and ZTA gateway. |
CVE-2024-21893 |
A server-side request forgery vulnerability in the SAML component of Ivanti Connect Secure. |
CVE-2019-7256 |
Nice Linear eMerge Command Injection Vulnerability. |
CVE-2021-26084 |
Confluence Server OGNL RCE. |
CVE-2021-33044 |
An Authentication Bypass Vulnerability in Dahua Products. |
CVE-2021-33045 |
|
CVE-2024-23897 |
Jenkins Arbitrary File Read Vulnerability. |
CVE-2022-26138 |
Atlassian Questions for Confluence App Hardcoded Credentials Vulnerability. |
Notes:
-
To detect Debian-specific Redis vulnerability - CVE-2022-0543 as an outbreak alert, FortiDAST Scripting Engine (FSE) must be enabled.
-
To detect CVE-2021-26085 or CVE-2021-26086 as an outbreak alert, you must add the base URL of Atlassian Confluence or JIRA as target respectively.