A use of externally-controlled format string in Fortinet FortiAnalyzer versions 7.4.0 through 7.4.3, 7.2.2 through 7.2.5 allows attacker to escalate its privileges via specially crafted requests.
Metrics
Affected Vendors & Products
References
Link | Providers |
---|---|
https://fortiguard.fortinet.com/psirt/FG-IR-24-196 |
History
Sat, 19 Oct 2024 01:00:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Fortinet fortianalyzer Cloud
|
|
Weaknesses | NVD-CWE-noinfo | |
CPEs | cpe:2.3:a:fortinet:fortianalyzer:*:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortianalyzer_cloud:*:*:*:*:*:*:*:* |
|
Vendors & Products |
Fortinet fortianalyzer Cloud
|
Tue, 08 Oct 2024 16:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
ssvc
|
Tue, 08 Oct 2024 14:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | A use of externally-controlled format string in Fortinet FortiAnalyzer versions 7.4.0 through 7.4.3, 7.2.2 through 7.2.5 allows attacker to escalate its privileges via specially crafted requests. | |
First Time appeared |
Fortinet
Fortinet fortianalyzer |
|
Weaknesses | CWE-134 | |
CPEs | cpe:2.3:o:fortinet:fortianalyzer:7.2.2:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortianalyzer:7.2.3:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortianalyzer:7.2.4:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortianalyzer:7.2.5:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortianalyzer:7.4.0:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortianalyzer:7.4.1:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortianalyzer:7.4.2:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortianalyzer:7.4.3:*:*:*:*:*:*:* |
|
Vendors & Products |
Fortinet
Fortinet fortianalyzer |
|
References |
| |
Metrics |
cvssV3_1
|
MITRE
Status: PUBLISHED
Assigner: fortinet
Published: 2024-10-08T14:19:03.894Z
Updated: 2024-10-08T16:00:13.750Z
Reserved: 2024-08-27T06:43:07.251Z
Link: CVE-2024-45330
Vulnrichment
Updated: 2024-10-08T16:00:07.439Z
NVD
Status : Analyzed
Published: 2024-10-08T15:15:15.010
Modified: 2024-10-19T00:41:09.717
Link: CVE-2024-45330
Redhat
No data.