An exposure of sensitive information to an unauthorized actor in Fortinet FortiSandbox version 4.4.0 through 4.4.4 and 4.2.0 through 4.2.6 and 4.0.0 through 4.0.5 and 3.2.2 through 3.2.4 and 3.1.5 allows attacker to information disclosure via HTTP get requests.
References
Link | Resource |
---|---|
https://fortiguard.com/psirt/FG-IR-24-051 | Vendor Advisory |
Configurations
Configuration 1 (hide)
|
History
20 Sep 2024, 19:48
Type | Values Removed | Values Added |
---|---|---|
Summary |
|
|
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 6.5 |
CPE | cpe:2.3:a:fortinet:fortisandbox:3.1.5:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortisandbox:*:*:*:*:*:*:*:* |
|
CWE | NVD-CWE-noinfo | |
References | () https://fortiguard.com/psirt/FG-IR-24-051 - Vendor Advisory | |
First Time |
Fortinet
Fortinet fortisandbox |
10 Sep 2024, 15:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2024-09-10 15:15
Updated : 2024-09-20 19:48
NVD link : CVE-2024-31490
Mitre link : CVE-2024-31490
CVE.ORG link : CVE-2024-31490
JSON object : View
Products Affected
fortinet
- fortisandbox
CWE