A missing authentication for critical function in Fortinet FortiManager version 7.4.0 through 7.4.2, 7.2.0 through 7.2.4, 7.0.0 through 7.0.11, 6.4.0 through 6.4.14, FortiPAM version 1.2.0, 1.1.0 through 1.1.2, 1.0.0 through 1.0.3, FortiProxy version 7.4.0 through 7.4.2, 7.2.0 through 7.2.9, 7.0.0 through 7.0.17, 2.0.0 through 2.0.14, 1.2.0 through 1.2.13, 1.1.0 through 1.1.6, 1.0.0 through 1.0.7, FortiSwitchManager version 7.2.0 through 7.2.3, 7.0.0 through 7.0.3, FortiPortal version 6.0.0 through 6.0.14, FortiOS version 7.4.0 through 7.4.3, 7.2.0 through 7.2.7, 7.0.0 through 7.0.14, 6.4.0 through 6.4.15, 6.2.0 through 6.2.16, 6.0.0 through 6.0.18 allows attacker to execute unauthorized code or commands via specially crafted packets.
History

Wed, 13 Nov 2024 19:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Tue, 12 Nov 2024 19:00:00 +0000

Type Values Removed Values Added
Description A missing authentication for critical function in Fortinet FortiManager version 7.4.0 through 7.4.2, 7.2.0 through 7.2.4, 7.0.0 through 7.0.11, 6.4.0 through 6.4.14, FortiPAM version 1.2.0, 1.1.0 through 1.1.2, 1.0.0 through 1.0.3, FortiProxy version 7.4.0 through 7.4.2, 7.2.0 through 7.2.9, 7.0.0 through 7.0.17, 2.0.0 through 2.0.14, 1.2.0 through 1.2.13, 1.1.0 through 1.1.6, 1.0.0 through 1.0.7, FortiSwitchManager version 7.2.0 through 7.2.3, 7.0.0 through 7.0.3, FortiPortal version 6.0.0 through 6.0.14, FortiOS version 7.4.0 through 7.4.3, 7.2.0 through 7.2.7, 7.0.0 through 7.0.14, 6.4.0 through 6.4.15, 6.2.0 through 6.2.16, 6.0.0 through 6.0.18 allows attacker to execute unauthorized code or commands via specially crafted packets.
First Time appeared Fortinet
Fortinet fortimanager
Fortinet fortios
Fortinet fortipam
Weaknesses CWE-306
CPEs cpe:2.3:o:fortinet:fortimanager:6.4.0:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortimanager:6.4.10:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortimanager:6.4.11:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortimanager:6.4.12:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortimanager:6.4.13:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortimanager:6.4.14:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortimanager:6.4.1:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortimanager:6.4.2:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortimanager:6.4.3:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortimanager:6.4.4:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortimanager:6.4.5:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortimanager:6.4.6:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortimanager:6.4.7:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortimanager:6.4.8:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortimanager:6.4.9:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortimanager:7.0.0:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortimanager:7.0.10:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortimanager:7.0.11:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortimanager:7.0.1:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortimanager:7.0.2:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortimanager:7.0.3:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortimanager:7.0.4:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortimanager:7.0.5:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortimanager:7.0.6:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortimanager:7.0.7:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortimanager:7.0.8:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortimanager:7.0.9:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortimanager:7.2.0:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortimanager:7.2.1:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortimanager:7.2.2:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortimanager:7.2.3:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortimanager:7.2.4:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortimanager:7.4.0:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortimanager:7.4.1:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortimanager:7.4.2:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortios:6.0.0:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortios:6.0.10:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortios:6.0.11:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortios:6.0.12:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortios:6.0.13:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortios:6.0.14:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortios:6.0.15:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortios:6.0.16:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortios:6.0.17:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortios:6.0.18:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortios:6.0.1:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortios:6.0.2:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortios:6.0.3:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortios:6.0.4:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortios:6.0.5:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortios:6.0.6:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortios:6.0.7:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortios:6.0.8:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortios:6.0.9:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortios:6.2.0:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortios:6.2.10:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortios:6.2.11:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortios:6.2.12:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortios:6.2.13:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortios:6.2.14:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortios:6.2.15:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortios:6.2.16:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortios:6.2.1:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortios:6.2.2:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortios:6.2.3:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortios:6.2.4:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortios:6.2.5:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortios:6.2.6:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortios:6.2.7:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortios:6.2.8:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortios:6.2.9:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortios:6.4.0:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortios:6.4.10:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortios:6.4.11:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortios:6.4.12:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortios:6.4.13:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortios:6.4.14:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortios:6.4.15:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortios:6.4.1:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortios:6.4.2:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortios:6.4.3:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortios:6.4.4:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortios:6.4.5:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortios:6.4.6:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortios:6.4.7:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortios:6.4.8:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortios:6.4.9:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortios:7.0.0:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortios:7.0.10:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortios:7.0.11:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortios:7.0.12:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortios:7.0.13:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortios:7.0.14:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortios:7.0.1:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortios:7.0.2:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortios:7.0.3:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortios:7.0.4:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortios:7.0.5:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortios:7.0.6:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortios:7.0.7:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortios:7.0.8:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortios:7.0.9:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortios:7.2.0:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortios:7.2.1:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortios:7.2.2:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortios:7.2.3:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortios:7.2.4:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortios:7.2.5:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortios:7.2.6:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortios:7.2.7:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortios:7.4.0:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortios:7.4.1:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortios:7.4.2:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortios:7.4.3:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortipam:1.0.0:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortipam:1.0.1:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortipam:1.0.2:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortipam:1.0.3:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortipam:1.1.0:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortipam:1.1.1:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortipam:1.1.2:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortipam:1.2.0:*:*:*:*:*:*:*
Vendors & Products Fortinet
Fortinet fortimanager
Fortinet fortios
Fortinet fortipam
References
Metrics cvssV3_1

{'score': 5.2, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N/E:F/RL:U/RC:C'}


cve-icon MITRE

Status: PUBLISHED

Assigner: fortinet

Published: 2024-11-12T18:53:56.665Z

Updated: 2024-11-13T18:44:42.785Z

Reserved: 2024-02-14T09:18:43.245Z

Link: CVE-2024-26011

cve-icon Vulnrichment

Updated: 2024-11-13T18:44:36.637Z

cve-icon NVD

Status : Awaiting Analysis

Published: 2024-11-12T19:15:08.320

Modified: 2024-11-13T17:01:16.850

Link: CVE-2024-26011

cve-icon Redhat

No data.