{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-48885", "assignerOrgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8", "state": "PUBLISHED", "assignerShortName": "fortinet", "dateReserved": "2024-10-09T09:03:09.960Z", "datePublished": "2025-01-16T09:01:52.958Z", "dateUpdated": "2025-01-16T14:16:29.431Z"}, "containers": {"cna": {"affected": [{"vendor": "Fortinet", "product": "FortiRecorder", "cpes": ["cpe:2.3:a:fortinet:fortirecorder:7.2.1:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortirecorder:7.2.0:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortirecorder:7.0.4:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortirecorder:7.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortirecorder:7.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortirecorder:7.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortirecorder:7.0.0:*:*:*:*:*:*:*"], "defaultStatus": "unaffected", "versions": [{"versionType": "semver", "version": "7.2.0", "lessThanOrEqual": "7.2.1", "status": "affected"}, {"versionType": "semver", "version": "7.0.0", "lessThanOrEqual": "7.0.4", "status": "affected"}]}, {"vendor": "Fortinet", "product": "FortiWeb", "cpes": [], "defaultStatus": "unaffected", "versions": [{"version": "7.6.0", "status": "affected"}, {"versionType": "semver", "version": "7.4.0", "lessThanOrEqual": "7.4.4", "status": "affected"}, {"versionType": "semver", "version": "7.2.0", "lessThanOrEqual": "7.2.10", "status": "affected"}, {"versionType": "semver", "version": "7.0.0", "lessThanOrEqual": "7.0.10", "status": "affected"}, {"versionType": "semver", "version": "6.4.0", "lessThanOrEqual": "6.4.3", "status": "affected"}]}, {"vendor": "Fortinet", "product": "FortiVoice", "cpes": ["cpe:2.3:a:fortinet:fortivoice:7.0.4:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortivoice:7.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortivoice:7.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortivoice:7.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortivoice:7.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortivoice:6.4.9:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortivoice:6.4.8:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortivoice:6.4.7:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortivoice:6.4.6:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortivoice:6.4.5:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortivoice:6.4.4:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortivoice:6.4.3:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortivoice:6.4.2:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortivoice:6.4.1:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortivoice:6.4.0:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortivoice:6.0.12:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortivoice:6.0.11:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortivoice:6.0.10:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortivoice:6.0.9:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortivoice:6.0.8:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortivoice:6.0.7:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortivoice:6.0.6:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortivoice:6.0.5:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortivoice:6.0.4:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortivoice:6.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortivoice:6.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortivoice:6.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortivoice:6.0.0:*:*:*:*:*:*:*"], "defaultStatus": "unaffected", "versions": [{"versionType": "semver", "version": "7.0.0", "lessThanOrEqual": "7.0.4", "status": "affected"}, {"versionType": "semver", "version": "6.4.0", "lessThanOrEqual": "6.4.9", "status": "affected"}, {"versionType": "semver", "version": "6.0.0", "lessThanOrEqual": "6.0.12", "status": "affected"}]}], "descriptions": [{"lang": "en", "value": "A improper limitation of a pathname to a restricted directory ('path traversal') in Fortinet FortiRecorder versions 7.2.0 through 7.2.1, 7.0.0 through 7.0.4, FortiWeb versions 7.6.0, 7.4.0 through 7.4.4, 7.2.0 through 7.2.10, 7.0.0 through 7.0.10, 6.4.0 through 6.4.3, FortiVoice versions 7.0.0 through 7.0.4, 6.4.0 through 6.4.9, 6.0.0 through 6.0.12 allows attacker to escalate privilege via specially crafted packets."}], "providerMetadata": {"orgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8", "shortName": "fortinet", "dateUpdated": "2025-01-16T09:01:52.958Z"}, "problemTypes": [{"descriptions": [{"lang": "en", "cweId": "CWE-22", "description": "Escalation of privilege", "type": "CWE"}]}], "metrics": [{"format": "CVSS", "cvssV3_1": {"version": "3.1", "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 5.2, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H/E:F/RL:U/RC:C"}}], "solutions": [{"lang": "en", "value": "Please upgrade to FortiRecorder version 7.2.2 or above \nPlease upgrade to FortiRecorder version 7.0.5 or above \nPlease upgrade to FortiProxy version 7.4.6 or above \nPlease upgrade to FortiProxy version 7.2.12 or above \nPlease upgrade to FortiProxy version 7.0.19 or above \nPlease upgrade to FortiAuthenticator version 7.0.0 or above \nPlease upgrade to FortiWeb version 7.6.1 or above \nPlease upgrade to FortiWeb version 7.4.5 or above \nPlease upgrade to FortiOS version 7.6.1 or above \nPlease upgrade to FortiOS version 7.4.5 or above \nPlease upgrade to FortiOS version 7.2.10 or above \nPlease upgrade to FortiOS version 7.0.16 or above \nPlease upgrade to FortiManager version 7.6.2 or above \nPlease upgrade to FortiManager version 7.4.4 or above \nPlease upgrade to FortiVoice version 7.2.0 or above \nPlease upgrade to FortiVoice version 7.0.5 or above \nPlease upgrade to FortiVoice version 6.4.10 or above \nPlease upgrade to FortiManager Cloud version 7.4.4 or above"}], "references": [{"name": "https://fortiguard.fortinet.com/psirt/FG-IR-24-259", "url": "https://fortiguard.fortinet.com/psirt/FG-IR-24-259"}]}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-01-16T14:15:57.157206Z", "id": "CVE-2024-48885", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-01-16T14:16:29.431Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-48885", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2025-01-16T14:15:57.157206Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-01-16T14:16:12.266Z"}}], "cna": {"metrics": [{"format": "CVSS", "cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.2, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H/E:F/RL:U/RC:C", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}}], "affected": [{"cpes": ["cpe:2.3:a:fortinet:fortirecorder:7.2.1:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortirecorder:7.2.0:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortirecorder:7.0.4:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortirecorder:7.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortirecorder:7.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortirecorder:7.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortirecorder:7.0.0:*:*:*:*:*:*:*"], "vendor": "Fortinet", "product": "FortiRecorder", "versions": [{"status": "affected", "version": "7.2.0", "versionType": "semver", "lessThanOrEqual": "7.2.1"}, {"status": "affected", "version": "7.0.0", "versionType": "semver", "lessThanOrEqual": "7.0.4"}], "defaultStatus": "unaffected"}, {"cpes": [], "vendor": "Fortinet", "product": "FortiWeb", "versions": [{"status": "affected", "version": "7.6.0"}, {"status": "affected", "version": "7.4.0", "versionType": "semver", "lessThanOrEqual": "7.4.4"}, {"status": "affected", "version": "7.2.0", "versionType": "semver", "lessThanOrEqual": "7.2.10"}, {"status": "affected", "version": "7.0.0", "versionType": "semver", "lessThanOrEqual": "7.0.10"}, {"status": "affected", "version": "6.4.0", "versionType": "semver", "lessThanOrEqual": "6.4.3"}], "defaultStatus": "unaffected"}, {"cpes": ["cpe:2.3:a:fortinet:fortivoice:7.0.4:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortivoice:7.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortivoice:7.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortivoice:7.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortivoice:7.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortivoice:6.4.9:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortivoice:6.4.8:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortivoice:6.4.7:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortivoice:6.4.6:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortivoice:6.4.5:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortivoice:6.4.4:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortivoice:6.4.3:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortivoice:6.4.2:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortivoice:6.4.1:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortivoice:6.4.0:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortivoice:6.0.12:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortivoice:6.0.11:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortivoice:6.0.10:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortivoice:6.0.9:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortivoice:6.0.8:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortivoice:6.0.7:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortivoice:6.0.6:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortivoice:6.0.5:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortivoice:6.0.4:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortivoice:6.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortivoice:6.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortivoice:6.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortivoice:6.0.0:*:*:*:*:*:*:*"], "vendor": "Fortinet", "product": "FortiVoice", "versions": [{"status": "affected", "version": "7.0.0", "versionType": "semver", "lessThanOrEqual": "7.0.4"}, {"status": "affected", "version": "6.4.0", "versionType": "semver", "lessThanOrEqual": "6.4.9"}, {"status": "affected", "version": "6.0.0", "versionType": "semver", "lessThanOrEqual": "6.0.12"}], "defaultStatus": "unaffected"}], "solutions": [{"lang": "en", "value": "Please upgrade to FortiRecorder version 7.2.2 or above \nPlease upgrade to FortiRecorder version 7.0.5 or above \nPlease upgrade to FortiProxy version 7.4.6 or above \nPlease upgrade to FortiProxy version 7.2.12 or above \nPlease upgrade to FortiProxy version 7.0.19 or above \nPlease upgrade to FortiAuthenticator version 7.0.0 or above \nPlease upgrade to FortiWeb version 7.6.1 or above \nPlease upgrade to FortiWeb version 7.4.5 or above \nPlease upgrade to FortiOS version 7.6.1 or above \nPlease upgrade to FortiOS version 7.4.5 or above \nPlease upgrade to FortiOS version 7.2.10 or above \nPlease upgrade to FortiOS version 7.0.16 or above \nPlease upgrade to FortiManager version 7.6.2 or above \nPlease upgrade to FortiManager version 7.4.4 or above \nPlease upgrade to FortiVoice version 7.2.0 or above \nPlease upgrade to FortiVoice version 7.0.5 or above \nPlease upgrade to FortiVoice version 6.4.10 or above \nPlease upgrade to FortiManager Cloud version 7.4.4 or above"}], "references": [{"url": "https://fortiguard.fortinet.com/psirt/FG-IR-24-259", "name": "https://fortiguard.fortinet.com/psirt/FG-IR-24-259"}], "descriptions": [{"lang": "en", "value": "A improper limitation of a pathname to a restricted directory ('path traversal') in Fortinet FortiRecorder versions 7.2.0 through 7.2.1, 7.0.0 through 7.0.4, FortiWeb versions 7.6.0, 7.4.0 through 7.4.4, 7.2.0 through 7.2.10, 7.0.0 through 7.0.10, 6.4.0 through 6.4.3, FortiVoice versions 7.0.0 through 7.0.4, 6.4.0 through 6.4.9, 6.0.0 through 6.0.12 allows attacker to escalate privilege via specially crafted packets."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-22", "description": "Escalation of privilege"}]}], "providerMetadata": {"orgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8", "shortName": "fortinet", "dateUpdated": "2025-01-16T09:01:52.958Z"}}}, "cveMetadata": {"cveId": "CVE-2024-48885", "state": "PUBLISHED", "dateUpdated": "2025-01-16T14:16:29.431Z", "dateReserved": "2024-10-09T09:03:09.960Z", "assignerOrgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8", "datePublished": "2025-01-16T09:01:52.958Z", "assignerShortName": "fortinet"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:fortinet:fortirecorder:*:*:*:*:*:*:*:*", "matchCriteriaId": "CD60BA50-3F98-46BF-97E8-28AB207DE12A", "versionEndExcluding": "7.0.5", "versionStartIncluding": "7.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:fortinet:fortirecorder:*:*:*:*:*:*:*:*", "matchCriteriaId": "C0B0D078-2F52-46B4-B9C0-162447828E1B", "versionEndExcluding": "7.2.2", "versionStartIncluding": "7.2.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:fortinet:fortivoice:*:*:*:*:*:*:*:*", "matchCriteriaId": "BBF1E214-4BC5-47E8-BF02-072D6D830BAF", "versionEndIncluding": "6.4.10", "versionStartIncluding": "6.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:fortinet:fortivoice:*:*:*:*:*:*:*:*", "matchCriteriaId": "5EEE0DFA-DE31-4D26-AC98-6BCED8F008DC", "versionEndIncluding": "7.0.5", "versionStartIncluding": "7.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:fortinet:fortiweb:*:*:*:*:*:*:*:*", "matchCriteriaId": "CDB9CE13-AAF4-418C-BA26-1A0D53C5C1C2", "versionEndExcluding": "7.4.5", "versionStartIncluding": "6.4.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:fortinet:fortiweb:7.6.0:*:*:*:*:*:*:*", "matchCriteriaId": "28B43375-DA74-4C5F-BAEE-39F312EEF51F", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "A improper limitation of a pathname to a restricted directory ('path traversal') in Fortinet FortiRecorder versions 7.2.0 through 7.2.1, 7.0.0 through 7.0.4, FortiWeb versions 7.6.0, 7.4.0 through 7.4.4, 7.2.0 through 7.2.10, 7.0.0 through 7.0.10, 6.4.0 through 6.4.3, FortiVoice versions 7.0.0 through 7.0.4, 6.4.0 through 6.4.9, 6.0.0 through 6.0.12 allows attacker to escalate privilege via specially crafted packets."}, {"lang": "es", "value": " Una limitaci\u00f3n incorrecta de una ruta de acceso a un directorio restringido (\"path traversal\") en Fortinet FortiRecorder versiones 7.2.0 a 7.2.1, 7.0.0 a 7.0.4, FortiWeb versiones 7.6.0, 7.4.0 a 7.4.4, 7.2.0 a 7.2.10, 7.0.0 a 7.0.10, 6.4.0 a 6.4.3, FortiVoice versiones 7.0.0 a 7.0.4, 6.4.0 a 6.4.9, 6.0.0 a 6.0.12 permite a un atacante escalar privilegios a trav\u00e9s de paquetes especialmente manipulados."}], "id": "CVE-2024-48885", "lastModified": "2025-09-24T15:25:58.637", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 1.6, "impactScore": 3.6, "source": "psirt@fortinet.com", "type": "Secondary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.1, "baseSeverity": "CRITICAL", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.2, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2025-01-16T09:15:06.737", "references": [{"source": "psirt@fortinet.com", "tags": ["Vendor Advisory"], "url": "https://fortiguard.fortinet.com/psirt/FG-IR-24-259"}], "sourceIdentifier": "psirt@fortinet.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-22"}], "source": "psirt@fortinet.com", "type": "Primary"}]}

{}

{}