A incorrect privilege assignment in Fortinet FortiAnalyzer versions 7.4.0 through 7.4.3, 7.2.0 through 7.2.5, 7.0.0 through 7.0.13, 6.4.0 through 6.4.15, FortiManager versions 7.4.0 through 7.4.2, 7.2.0 through 7.2.5, 7.0.0 through 7.0.13, 6.4.0 through 6.4.15, FortiAnalyzer Cloud versions 7.4.1 through 7.4.2, 7.2.1 through 7.2.6, 7.0.1 through 7.0.13, 6.4.1 through 6.4.7 allows attacker to escalate privilege via specific shell commands
References
Link | Resource |
---|---|
https://fortiguard.fortinet.com/psirt/FG-IR-24-127 | Vendor Advisory |
Configurations
Configuration 1 (hide)
|
History
03 Feb 2025, 21:03
Type | Values Removed | Values Added |
---|---|---|
References | () https://fortiguard.fortinet.com/psirt/FG-IR-24-127 - Vendor Advisory | |
CWE | NVD-CWE-noinfo | |
CPE | cpe:2.3:a:fortinet:fortianalyzer:*:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortianalyzer_cloud:*:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortimanager:*:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortimanager_cloud:*:*:*:*:*:*:*:* |
|
Summary |
|
|
First Time |
Fortinet
Fortinet fortimanager Fortinet fortianalyzer Cloud Fortinet fortimanager Cloud Fortinet fortianalyzer |
16 Jan 2025, 09:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2025-01-16 09:15
Updated : 2025-02-03 21:03
NVD link : CVE-2024-45331
Mitre link : CVE-2024-45331
CVE.ORG link : CVE-2024-45331
JSON object : View
Products Affected
fortinet
- fortimanager_cloud
- fortianalyzer_cloud
- fortianalyzer
- fortimanager
CWE