A missing authentication for critical function in FortiManager 7.6.0, FortiManager 7.4.0 through 7.4.4, FortiManager 7.2.0 through 7.2.7, FortiManager 7.0.0 through 7.0.12, FortiManager 6.4.0 through 6.4.14, FortiManager 6.2.0 through 6.2.12, Fortinet FortiManager Cloud 7.4.1 through 7.4.4, FortiManager Cloud 7.2.1 through 7.2.7, FortiManager Cloud 7.0.1 through 7.0.12, FortiManager Cloud 6.4.1 through 6.4.7 allows attacker to execute arbitrary code or commands via specially crafted requests.
References
Link | Resource |
---|---|
https://fortiguard.fortinet.com/psirt/FG-IR-24-423 | Exploit Mitigation Vendor Advisory |
Configurations
Configuration 1 (hide)
|
History
07 Nov 2024, 08:15
Type | Values Removed | Values Added |
---|---|---|
Summary | (en) A missing authentication for critical function in FortiManager 7.6.0, FortiManager 7.4.0 through 7.4.4, FortiManager 7.2.0 through 7.2.7, FortiManager 7.0.0 through 7.0.12, FortiManager 6.4.0 through 6.4.14, FortiManager 6.2.0 through 6.2.12, Fortinet FortiManager Cloud 7.4.1 through 7.4.4, FortiManager Cloud 7.2.1 through 7.2.7, FortiManager Cloud 7.0.1 through 7.0.12, FortiManager Cloud 6.4.1 through 6.4.7 allows attacker to execute arbitrary code or commands via specially crafted requests. |
24 Oct 2024, 18:56
Type | Values Removed | Values Added |
---|---|---|
References | () https://fortiguard.fortinet.com/psirt/FG-IR-24-423 - Exploit, Mitigation, Vendor Advisory | |
CPE | cpe:2.3:a:fortinet:fortimanager:7.6.0:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortimanager:*:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortimanager_cloud:*:*:*:*:*:*:*:* |
|
First Time |
Fortinet fortimanager Cloud
Fortinet Fortinet fortimanager |
24 Oct 2024, 14:20
Type | Values Removed | Values Added |
---|---|---|
Summary |
|
23 Oct 2024, 15:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2024-10-23 15:15
Updated : 2024-11-08 21:16
NVD link : CVE-2024-47575
Mitre link : CVE-2024-47575
CVE.ORG link : CVE-2024-47575
JSON object : View
Products Affected
fortinet
- fortimanager_cloud
- fortimanager
CWE
CWE-306
Missing Authentication for Critical Function