cvelistv5 - cve-2024-36512

CVE-2024-36512 (GCVE-0-2024-36512)

Vulnerability from cvelistv5

Published

2025-01-14 14:08

Modified

2025-01-14 20:56

Severity ?

7.2 (High) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:F/RC:C

Summary

An improper limitation of a pathname to a restricted directory ('path traversal') in Fortinet FortiManager, FortiAnalyzer 7.4.0 through 7.4.3 and 7.2.0 through 7.2.5 and 7.0.2 through 7.0.12 and 6.2.10 through 6.2.13 allows attacker to execute unauthorized code or commands via crafted HTTP or HTTPS requests.

References

▼	URL	Tags
	psirt@fortinet.com	https://fortiguard.fortinet.com/psirt/FG-IR-24-152	Vendor Advisory

Impacted products

Vendor

Product

Version

▼

Fortinet

FortiManager

Version: 7.4.0   ≤ 7.4.3
Version: 7.2.0   ≤ 7.2.5
Version: 7.0.2   ≤ 7.0.12
Version: 6.2.10   ≤ 6.2.13
    cpe:2.3:o:fortinet:fortimanager:7.4.3:*:*:*:*:*:*:*
    cpe:2.3:o:fortinet:fortimanager:7.4.2:*:*:*:*:*:*:*
    cpe:2.3:o:fortinet:fortimanager:7.4.1:*:*:*:*:*:*:*
    cpe:2.3:o:fortinet:fortimanager:7.4.0:*:*:*:*:*:*:*
    cpe:2.3:o:fortinet:fortimanager:7.2.5:*:*:*:*:*:*:*
    cpe:2.3:o:fortinet:fortimanager:7.2.4:*:*:*:*:*:*:*
    cpe:2.3:o:fortinet:fortimanager:7.2.3:*:*:*:*:*:*:*
    cpe:2.3:o:fortinet:fortimanager:7.2.2:*:*:*:*:*:*:*
    cpe:2.3:o:fortinet:fortimanager:7.2.1:*:*:*:*:*:*:*
    cpe:2.3:o:fortinet:fortimanager:7.2.0:*:*:*:*:*:*:*
    cpe:2.3:o:fortinet:fortimanager:7.0.12:*:*:*:*:*:*:*
    cpe:2.3:o:fortinet:fortimanager:7.0.11:*:*:*:*:*:*:*
    cpe:2.3:o:fortinet:fortimanager:7.0.10:*:*:*:*:*:*:*
    cpe:2.3:o:fortinet:fortimanager:7.0.9:*:*:*:*:*:*:*
    cpe:2.3:o:fortinet:fortimanager:7.0.8:*:*:*:*:*:*:*
    cpe:2.3:o:fortinet:fortimanager:7.0.7:*:*:*:*:*:*:*
    cpe:2.3:o:fortinet:fortimanager:7.0.6:*:*:*:*:*:*:*
    cpe:2.3:o:fortinet:fortimanager:7.0.5:*:*:*:*:*:*:*
    cpe:2.3:o:fortinet:fortimanager:7.0.4:*:*:*:*:*:*:*
    cpe:2.3:o:fortinet:fortimanager:7.0.3:*:*:*:*:*:*:*
    cpe:2.3:o:fortinet:fortimanager:7.0.2:*:*:*:*:*:*:*
    cpe:2.3:o:fortinet:fortimanager:6.2.13:*:*:*:*:*:*:*
    cpe:2.3:o:fortinet:fortimanager:6.2.12:*:*:*:*:*:*:*
    cpe:2.3:o:fortinet:fortimanager:6.2.11:*:*:*:*:*:*:*
    cpe:2.3:o:fortinet:fortimanager:6.2.10:*:*:*:*:*:*:*

Fortinet

FortiAnalyzer

Version: 7.4.0   ≤ 7.4.3
Version: 7.2.0   ≤ 7.2.5
Version: 7.0.2   ≤ 7.0.12
Version: 6.2.10   ≤ 6.2.13
    cpe:2.3:o:fortinet:fortianalyzer:7.4.3:*:*:*:*:*:*:*
    cpe:2.3:o:fortinet:fortianalyzer:7.4.2:*:*:*:*:*:*:*
    cpe:2.3:o:fortinet:fortianalyzer:7.4.1:*:*:*:*:*:*:*
    cpe:2.3:o:fortinet:fortianalyzer:7.4.0:*:*:*:*:*:*:*
    cpe:2.3:o:fortinet:fortianalyzer:7.2.5:*:*:*:*:*:*:*
    cpe:2.3:o:fortinet:fortianalyzer:7.2.4:*:*:*:*:*:*:*
    cpe:2.3:o:fortinet:fortianalyzer:7.2.3:*:*:*:*:*:*:*
    cpe:2.3:o:fortinet:fortianalyzer:7.2.2:*:*:*:*:*:*:*
    cpe:2.3:o:fortinet:fortianalyzer:7.2.1:*:*:*:*:*:*:*
    cpe:2.3:o:fortinet:fortianalyzer:7.2.0:*:*:*:*:*:*:*
    cpe:2.3:o:fortinet:fortianalyzer:7.0.12:*:*:*:*:*:*:*
    cpe:2.3:o:fortinet:fortianalyzer:7.0.11:*:*:*:*:*:*:*
    cpe:2.3:o:fortinet:fortianalyzer:7.0.10:*:*:*:*:*:*:*
    cpe:2.3:o:fortinet:fortianalyzer:7.0.9:*:*:*:*:*:*:*
    cpe:2.3:o:fortinet:fortianalyzer:7.0.8:*:*:*:*:*:*:*
    cpe:2.3:o:fortinet:fortianalyzer:7.0.7:*:*:*:*:*:*:*
    cpe:2.3:o:fortinet:fortianalyzer:7.0.6:*:*:*:*:*:*:*
    cpe:2.3:o:fortinet:fortianalyzer:7.0.5:*:*:*:*:*:*:*
    cpe:2.3:o:fortinet:fortianalyzer:7.0.4:*:*:*:*:*:*:*
    cpe:2.3:o:fortinet:fortianalyzer:7.0.3:*:*:*:*:*:*:*
    cpe:2.3:o:fortinet:fortianalyzer:7.0.2:*:*:*:*:*:*:*
    cpe:2.3:o:fortinet:fortianalyzer:6.2.13:*:*:*:*:*:*:*
    cpe:2.3:o:fortinet:fortianalyzer:6.2.12:*:*:*:*:*:*:*
    cpe:2.3:o:fortinet:fortianalyzer:6.2.11:*:*:*:*:*:*:*
    cpe:2.3:o:fortinet:fortianalyzer:6.2.10:*:*:*:*:*:*:*

Show details on NVD website

JSON

To clipboard

{
   containers: {
      adp: [
         {
            metrics: [
               {
                  other: {
                     content: {
                        id: "CVE-2024-36512",
                        options: [
                           {
                              Exploitation: "none",
                           },
                           {
                              Automatable: "no",
                           },
                           {
                              "Technical Impact": "total",
                           },
                        ],
                        role: "CISA Coordinator",
                        timestamp: "2025-01-14T15:16:47.023639Z",
                        version: "2.0.3",
                     },
                     type: "ssvc",
                  },
               },
            ],
            providerMetadata: {
               dateUpdated: "2025-01-14T20:56:36.826Z",
               orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
               shortName: "CISA-ADP",
            },
            title: "CISA ADP Vulnrichment",
         },
      ],
      cna: {
         affected: [
            {
               cpes: [
                  "cpe:2.3:o:fortinet:fortimanager:7.4.3:*:*:*:*:*:*:*",
                  "cpe:2.3:o:fortinet:fortimanager:7.4.2:*:*:*:*:*:*:*",
                  "cpe:2.3:o:fortinet:fortimanager:7.4.1:*:*:*:*:*:*:*",
                  "cpe:2.3:o:fortinet:fortimanager:7.4.0:*:*:*:*:*:*:*",
                  "cpe:2.3:o:fortinet:fortimanager:7.2.5:*:*:*:*:*:*:*",
                  "cpe:2.3:o:fortinet:fortimanager:7.2.4:*:*:*:*:*:*:*",
                  "cpe:2.3:o:fortinet:fortimanager:7.2.3:*:*:*:*:*:*:*",
                  "cpe:2.3:o:fortinet:fortimanager:7.2.2:*:*:*:*:*:*:*",
                  "cpe:2.3:o:fortinet:fortimanager:7.2.1:*:*:*:*:*:*:*",
                  "cpe:2.3:o:fortinet:fortimanager:7.2.0:*:*:*:*:*:*:*",
                  "cpe:2.3:o:fortinet:fortimanager:7.0.12:*:*:*:*:*:*:*",
                  "cpe:2.3:o:fortinet:fortimanager:7.0.11:*:*:*:*:*:*:*",
                  "cpe:2.3:o:fortinet:fortimanager:7.0.10:*:*:*:*:*:*:*",
                  "cpe:2.3:o:fortinet:fortimanager:7.0.9:*:*:*:*:*:*:*",
                  "cpe:2.3:o:fortinet:fortimanager:7.0.8:*:*:*:*:*:*:*",
                  "cpe:2.3:o:fortinet:fortimanager:7.0.7:*:*:*:*:*:*:*",
                  "cpe:2.3:o:fortinet:fortimanager:7.0.6:*:*:*:*:*:*:*",
                  "cpe:2.3:o:fortinet:fortimanager:7.0.5:*:*:*:*:*:*:*",
                  "cpe:2.3:o:fortinet:fortimanager:7.0.4:*:*:*:*:*:*:*",
                  "cpe:2.3:o:fortinet:fortimanager:7.0.3:*:*:*:*:*:*:*",
                  "cpe:2.3:o:fortinet:fortimanager:7.0.2:*:*:*:*:*:*:*",
                  "cpe:2.3:o:fortinet:fortimanager:6.2.13:*:*:*:*:*:*:*",
                  "cpe:2.3:o:fortinet:fortimanager:6.2.12:*:*:*:*:*:*:*",
                  "cpe:2.3:o:fortinet:fortimanager:6.2.11:*:*:*:*:*:*:*",
                  "cpe:2.3:o:fortinet:fortimanager:6.2.10:*:*:*:*:*:*:*",
               ],
               defaultStatus: "unaffected",
               product: "FortiManager",
               vendor: "Fortinet",
               versions: [
                  {
                     lessThanOrEqual: "7.4.3",
                     status: "affected",
                     version: "7.4.0",
                     versionType: "semver",
                  },
                  {
                     lessThanOrEqual: "7.2.5",
                     status: "affected",
                     version: "7.2.0",
                     versionType: "semver",
                  },
                  {
                     lessThanOrEqual: "7.0.12",
                     status: "affected",
                     version: "7.0.2",
                     versionType: "semver",
                  },
                  {
                     lessThanOrEqual: "6.2.13",
                     status: "affected",
                     version: "6.2.10",
                     versionType: "semver",
                  },
               ],
            },
            {
               cpes: [
                  "cpe:2.3:o:fortinet:fortianalyzer:7.4.3:*:*:*:*:*:*:*",
                  "cpe:2.3:o:fortinet:fortianalyzer:7.4.2:*:*:*:*:*:*:*",
                  "cpe:2.3:o:fortinet:fortianalyzer:7.4.1:*:*:*:*:*:*:*",
                  "cpe:2.3:o:fortinet:fortianalyzer:7.4.0:*:*:*:*:*:*:*",
                  "cpe:2.3:o:fortinet:fortianalyzer:7.2.5:*:*:*:*:*:*:*",
                  "cpe:2.3:o:fortinet:fortianalyzer:7.2.4:*:*:*:*:*:*:*",
                  "cpe:2.3:o:fortinet:fortianalyzer:7.2.3:*:*:*:*:*:*:*",
                  "cpe:2.3:o:fortinet:fortianalyzer:7.2.2:*:*:*:*:*:*:*",
                  "cpe:2.3:o:fortinet:fortianalyzer:7.2.1:*:*:*:*:*:*:*",
                  "cpe:2.3:o:fortinet:fortianalyzer:7.2.0:*:*:*:*:*:*:*",
                  "cpe:2.3:o:fortinet:fortianalyzer:7.0.12:*:*:*:*:*:*:*",
                  "cpe:2.3:o:fortinet:fortianalyzer:7.0.11:*:*:*:*:*:*:*",
                  "cpe:2.3:o:fortinet:fortianalyzer:7.0.10:*:*:*:*:*:*:*",
                  "cpe:2.3:o:fortinet:fortianalyzer:7.0.9:*:*:*:*:*:*:*",
                  "cpe:2.3:o:fortinet:fortianalyzer:7.0.8:*:*:*:*:*:*:*",
                  "cpe:2.3:o:fortinet:fortianalyzer:7.0.7:*:*:*:*:*:*:*",
                  "cpe:2.3:o:fortinet:fortianalyzer:7.0.6:*:*:*:*:*:*:*",
                  "cpe:2.3:o:fortinet:fortianalyzer:7.0.5:*:*:*:*:*:*:*",
                  "cpe:2.3:o:fortinet:fortianalyzer:7.0.4:*:*:*:*:*:*:*",
                  "cpe:2.3:o:fortinet:fortianalyzer:7.0.3:*:*:*:*:*:*:*",
                  "cpe:2.3:o:fortinet:fortianalyzer:7.0.2:*:*:*:*:*:*:*",
                  "cpe:2.3:o:fortinet:fortianalyzer:6.2.13:*:*:*:*:*:*:*",
                  "cpe:2.3:o:fortinet:fortianalyzer:6.2.12:*:*:*:*:*:*:*",
                  "cpe:2.3:o:fortinet:fortianalyzer:6.2.11:*:*:*:*:*:*:*",
                  "cpe:2.3:o:fortinet:fortianalyzer:6.2.10:*:*:*:*:*:*:*",
               ],
               defaultStatus: "unaffected",
               product: "FortiAnalyzer",
               vendor: "Fortinet",
               versions: [
                  {
                     lessThanOrEqual: "7.4.3",
                     status: "affected",
                     version: "7.4.0",
                     versionType: "semver",
                  },
                  {
                     lessThanOrEqual: "7.2.5",
                     status: "affected",
                     version: "7.2.0",
                     versionType: "semver",
                  },
                  {
                     lessThanOrEqual: "7.0.12",
                     status: "affected",
                     version: "7.0.2",
                     versionType: "semver",
                  },
                  {
                     lessThanOrEqual: "6.2.13",
                     status: "affected",
                     version: "6.2.10",
                     versionType: "semver",
                  },
               ],
            },
         ],
         descriptions: [
            {
               lang: "en",
               value: "An improper limitation of a pathname to a restricted directory ('path traversal') in Fortinet FortiManager, FortiAnalyzer 7.4.0 through 7.4.3 and 7.2.0 through 7.2.5 and 7.0.2 through 7.0.12 and 6.2.10 through 6.2.13 allows attacker to execute unauthorized code or commands via crafted HTTP or HTTPS requests.",
            },
         ],
         metrics: [
            {
               cvssV3_1: {
                  attackComplexity: "LOW",
                  attackVector: "NETWORK",
                  availabilityImpact: "HIGH",
                  baseScore: 7,
                  baseSeverity: "HIGH",
                  confidentialityImpact: "HIGH",
                  integrityImpact: "HIGH",
                  privilegesRequired: "HIGH",
                  scope: "UNCHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:F/RL:X/RC:C",
                  version: "3.1",
               },
               format: "CVSS",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-22",
                     description: "Execute unauthorized code or commands",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2025-01-14T14:08:44.576Z",
            orgId: "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
            shortName: "fortinet",
         },
         references: [
            {
               name: "https://fortiguard.fortinet.com/psirt/FG-IR-24-152",
               url: "https://fortiguard.fortinet.com/psirt/FG-IR-24-152",
            },
         ],
         solutions: [
            {
               lang: "en",
               value: "Please upgrade to FortiManager version 7.6.0 or above \nPlease upgrade to FortiManager version 7.4.4 or above \nPlease upgrade to FortiManager version 7.2.6 or above \nPlease upgrade to FortiManager version 7.0.13 or above \nPlease upgrade to FortiAnalyzer version 7.6.0 or above \nPlease upgrade to FortiAnalyzer version 7.4.4 or above \nPlease upgrade to FortiAnalyzer version 7.2.6 or above \nPlease upgrade to FortiAnalyzer version 7.0.13 or above",
            },
         ],
      },
   },
   cveMetadata: {
      assignerOrgId: "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
      assignerShortName: "fortinet",
      cveId: "CVE-2024-36512",
      datePublished: "2025-01-14T14:08:44.576Z",
      dateReserved: "2024-05-29T08:44:50.760Z",
      dateUpdated: "2025-01-14T20:56:36.826Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
   "vulnerability-lookup:meta": {
      fkie_nvd: {
         descriptions: "[{\"lang\": \"en\", \"value\": \"An improper limitation of a pathname to a restricted directory ('path traversal') in Fortinet FortiManager, FortiAnalyzer 7.4.0 through 7.4.3 and 7.2.0 through 7.2.5 and 7.0.2 through 7.0.12 and 6.2.10 through 6.2.13 allows attacker to execute unauthorized code or commands via crafted HTTP or HTTPS requests.\"}]",
         id: "CVE-2024-36512",
         lastModified: "2025-01-14T14:15:30.880",
         metrics: "{\"cvssMetricV31\": [{\"source\": \"psirt@fortinet.com\", \"type\": \"Secondary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H\", \"baseScore\": 7.2, \"baseSeverity\": \"HIGH\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"HIGH\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 1.2, \"impactScore\": 5.9}]}",
         published: "2025-01-14T14:15:30.880",
         references: "[{\"url\": \"https://fortiguard.fortinet.com/psirt/FG-IR-24-152\", \"source\": \"psirt@fortinet.com\"}]",
         sourceIdentifier: "psirt@fortinet.com",
         vulnStatus: "Received",
         weaknesses: "[{\"source\": \"psirt@fortinet.com\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-22\"}]}]",
      },
      nvd: "{\"cve\":{\"id\":\"CVE-2024-36512\",\"sourceIdentifier\":\"psirt@fortinet.com\",\"published\":\"2025-01-14T14:15:30.880\",\"lastModified\":\"2025-01-31T16:32:26.597\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"An improper limitation of a pathname to a restricted directory ('path traversal') in Fortinet FortiManager, FortiAnalyzer 7.4.0 through 7.4.3 and 7.2.0 through 7.2.5 and 7.0.2 through 7.0.12 and 6.2.10 through 6.2.13 allows attacker to execute unauthorized code or commands via crafted HTTP or HTTPS requests.\"},{\"lang\":\"es\",\"value\":\"Una limitación incorrecta de una ruta de acceso a un directorio restringido ('Path Traversal') en Fortinet FortiManager, FortiAnalyzer 7.4.0 a 7.4.3 y 7.2.0 a 7.2.5 y 7.0.2 a 7.0.12 y 6.2.10 a 6.2.13 permite a un atacante ejecutar código o comandos no autorizados a través de solicitudes HTTP o HTTPS manipuladas.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"psirt@fortinet.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":7.2,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"HIGH\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.2,\"impactScore\":5.9},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":7.2,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"HIGH\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.2,\"impactScore\":5.9}]},\"weaknesses\":[{\"source\":\"psirt@fortinet.com\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-22\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:fortinet:fortianalyzer:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"6.2.10\",\"versionEndExcluding\":\"7.0.13\",\"matchCriteriaId\":\"B2B9910D-81A2-4146-9EB3-C7D949FB2C3F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:fortinet:fortianalyzer:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"7.2.0\",\"versionEndExcluding\":\"7.2.6\",\"matchCriteriaId\":\"6FCEF6EE-A923-4DCE-A225-C6D1FB0123E8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:fortinet:fortianalyzer:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"7.4.0\",\"versionEndExcluding\":\"7.4.4\",\"matchCriteriaId\":\"E6F162A7-0D01-43E0-99D8-D7B87B080853\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:fortinet:fortimanager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"6.2.10\",\"versionEndExcluding\":\"7.0.13\",\"matchCriteriaId\":\"A0B65AA1-2215-4D35-B3BF-F362EE66014B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:fortinet:fortimanager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"7.2.0\",\"versionEndExcluding\":\"7.2.6\",\"matchCriteriaId\":\"605795FE-4D3E-48D4-B2E6-AED4C79B405F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:fortinet:fortimanager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"7.4.0\",\"versionEndExcluding\":\"7.4.4\",\"matchCriteriaId\":\"3AE9CAFD-5D5B-4799-8690-624225963595\"}]}]}],\"references\":[{\"url\":\"https://fortiguard.fortinet.com/psirt/FG-IR-24-152\",\"source\":\"psirt@fortinet.com\",\"tags\":[\"Vendor Advisory\"]}]}}",
      vulnrichment: {
         containers: "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2024-36512\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-01-14T15:16:47.023639Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-01-14T15:16:48.349Z\"}}], \"cna\": {\"metrics\": [{\"format\": \"CVSS\", \"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 7, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:F/RL:X/RC:C\", \"integrityImpact\": \"HIGH\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"HIGH\", \"confidentialityImpact\": \"HIGH\"}}], \"affected\": [{\"cpes\": [\"cpe:2.3:o:fortinet:fortimanager:7.4.3:*:*:*:*:*:*:*\", \"cpe:2.3:o:fortinet:fortimanager:7.4.2:*:*:*:*:*:*:*\", \"cpe:2.3:o:fortinet:fortimanager:7.4.1:*:*:*:*:*:*:*\", \"cpe:2.3:o:fortinet:fortimanager:7.4.0:*:*:*:*:*:*:*\", \"cpe:2.3:o:fortinet:fortimanager:7.2.5:*:*:*:*:*:*:*\", \"cpe:2.3:o:fortinet:fortimanager:7.2.4:*:*:*:*:*:*:*\", \"cpe:2.3:o:fortinet:fortimanager:7.2.3:*:*:*:*:*:*:*\", \"cpe:2.3:o:fortinet:fortimanager:7.2.2:*:*:*:*:*:*:*\", \"cpe:2.3:o:fortinet:fortimanager:7.2.1:*:*:*:*:*:*:*\", \"cpe:2.3:o:fortinet:fortimanager:7.2.0:*:*:*:*:*:*:*\", \"cpe:2.3:o:fortinet:fortimanager:7.0.12:*:*:*:*:*:*:*\", \"cpe:2.3:o:fortinet:fortimanager:7.0.11:*:*:*:*:*:*:*\", \"cpe:2.3:o:fortinet:fortimanager:7.0.10:*:*:*:*:*:*:*\", \"cpe:2.3:o:fortinet:fortimanager:7.0.9:*:*:*:*:*:*:*\", \"cpe:2.3:o:fortinet:fortimanager:7.0.8:*:*:*:*:*:*:*\", \"cpe:2.3:o:fortinet:fortimanager:7.0.7:*:*:*:*:*:*:*\", \"cpe:2.3:o:fortinet:fortimanager:7.0.6:*:*:*:*:*:*:*\", \"cpe:2.3:o:fortinet:fortimanager:7.0.5:*:*:*:*:*:*:*\", \"cpe:2.3:o:fortinet:fortimanager:7.0.4:*:*:*:*:*:*:*\", \"cpe:2.3:o:fortinet:fortimanager:7.0.3:*:*:*:*:*:*:*\", \"cpe:2.3:o:fortinet:fortimanager:7.0.2:*:*:*:*:*:*:*\", \"cpe:2.3:o:fortinet:fortimanager:6.2.13:*:*:*:*:*:*:*\", \"cpe:2.3:o:fortinet:fortimanager:6.2.12:*:*:*:*:*:*:*\", \"cpe:2.3:o:fortinet:fortimanager:6.2.11:*:*:*:*:*:*:*\", \"cpe:2.3:o:fortinet:fortimanager:6.2.10:*:*:*:*:*:*:*\"], \"vendor\": \"Fortinet\", \"product\": \"FortiManager\", \"versions\": [{\"status\": \"affected\", \"version\": \"7.4.0\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"7.4.3\"}, {\"status\": \"affected\", \"version\": \"7.2.0\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"7.2.5\"}, {\"status\": \"affected\", \"version\": \"7.0.2\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"7.0.12\"}, {\"status\": \"affected\", \"version\": \"6.2.10\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"6.2.13\"}], \"defaultStatus\": \"unaffected\"}, {\"cpes\": [\"cpe:2.3:o:fortinet:fortianalyzer:7.4.3:*:*:*:*:*:*:*\", \"cpe:2.3:o:fortinet:fortianalyzer:7.4.2:*:*:*:*:*:*:*\", \"cpe:2.3:o:fortinet:fortianalyzer:7.4.1:*:*:*:*:*:*:*\", \"cpe:2.3:o:fortinet:fortianalyzer:7.4.0:*:*:*:*:*:*:*\", \"cpe:2.3:o:fortinet:fortianalyzer:7.2.5:*:*:*:*:*:*:*\", \"cpe:2.3:o:fortinet:fortianalyzer:7.2.4:*:*:*:*:*:*:*\", \"cpe:2.3:o:fortinet:fortianalyzer:7.2.3:*:*:*:*:*:*:*\", \"cpe:2.3:o:fortinet:fortianalyzer:7.2.2:*:*:*:*:*:*:*\", \"cpe:2.3:o:fortinet:fortianalyzer:7.2.1:*:*:*:*:*:*:*\", \"cpe:2.3:o:fortinet:fortianalyzer:7.2.0:*:*:*:*:*:*:*\", \"cpe:2.3:o:fortinet:fortianalyzer:7.0.12:*:*:*:*:*:*:*\", \"cpe:2.3:o:fortinet:fortianalyzer:7.0.11:*:*:*:*:*:*:*\", \"cpe:2.3:o:fortinet:fortianalyzer:7.0.10:*:*:*:*:*:*:*\", \"cpe:2.3:o:fortinet:fortianalyzer:7.0.9:*:*:*:*:*:*:*\", \"cpe:2.3:o:fortinet:fortianalyzer:7.0.8:*:*:*:*:*:*:*\", \"cpe:2.3:o:fortinet:fortianalyzer:7.0.7:*:*:*:*:*:*:*\", \"cpe:2.3:o:fortinet:fortianalyzer:7.0.6:*:*:*:*:*:*:*\", \"cpe:2.3:o:fortinet:fortianalyzer:7.0.5:*:*:*:*:*:*:*\", \"cpe:2.3:o:fortinet:fortianalyzer:7.0.4:*:*:*:*:*:*:*\", \"cpe:2.3:o:fortinet:fortianalyzer:7.0.3:*:*:*:*:*:*:*\", \"cpe:2.3:o:fortinet:fortianalyzer:7.0.2:*:*:*:*:*:*:*\", \"cpe:2.3:o:fortinet:fortianalyzer:6.2.13:*:*:*:*:*:*:*\", \"cpe:2.3:o:fortinet:fortianalyzer:6.2.12:*:*:*:*:*:*:*\", \"cpe:2.3:o:fortinet:fortianalyzer:6.2.11:*:*:*:*:*:*:*\", \"cpe:2.3:o:fortinet:fortianalyzer:6.2.10:*:*:*:*:*:*:*\"], \"vendor\": \"Fortinet\", \"product\": \"FortiAnalyzer\", \"versions\": [{\"status\": \"affected\", \"version\": \"7.4.0\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"7.4.3\"}, {\"status\": \"affected\", \"version\": \"7.2.0\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"7.2.5\"}, {\"status\": \"affected\", \"version\": \"7.0.2\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"7.0.12\"}, {\"status\": \"affected\", \"version\": \"6.2.10\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"6.2.13\"}], \"defaultStatus\": \"unaffected\"}], \"solutions\": [{\"lang\": \"en\", \"value\": \"Please upgrade to FortiManager version 7.6.0 or above \\nPlease upgrade to FortiManager version 7.4.4 or above \\nPlease upgrade to FortiManager version 7.2.6 or above \\nPlease upgrade to FortiManager version 7.0.13 or above \\nPlease upgrade to FortiAnalyzer version 7.6.0 or above \\nPlease upgrade to FortiAnalyzer version 7.4.4 or above \\nPlease upgrade to FortiAnalyzer version 7.2.6 or above \\nPlease upgrade to FortiAnalyzer version 7.0.13 or above\"}], \"references\": [{\"url\": \"https://fortiguard.fortinet.com/psirt/FG-IR-24-152\", \"name\": \"https://fortiguard.fortinet.com/psirt/FG-IR-24-152\"}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"An improper limitation of a pathname to a restricted directory ('path traversal') in Fortinet FortiManager, FortiAnalyzer 7.4.0 through 7.4.3 and 7.2.0 through 7.2.5 and 7.0.2 through 7.0.12 and 6.2.10 through 6.2.13 allows attacker to execute unauthorized code or commands via crafted HTTP or HTTPS requests.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-22\", \"description\": \"Execute unauthorized code or commands\"}]}], \"providerMetadata\": {\"orgId\": \"6abe59d8-c742-4dff-8ce8-9b0ca1073da8\", \"shortName\": \"fortinet\", \"dateUpdated\": \"2025-01-14T14:08:44.576Z\"}}}",
         cveMetadata: "{\"cveId\": \"CVE-2024-36512\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-01-14T20:56:36.826Z\", \"dateReserved\": \"2024-05-29T08:44:50.760Z\", \"assignerOrgId\": \"6abe59d8-c742-4dff-8ce8-9b0ca1073da8\", \"datePublished\": \"2025-01-14T14:08:44.576Z\", \"assignerShortName\": \"fortinet\"}",
         dataType: "CVE_RECORD",
         dataVersion: "5.1",
      },
   },
}

fkie_cve-2024-36512

Vulnerability from fkie_nvd

Published

2025-01-14 14:15

Modified

2025-01-31 16:32

Severity ?

7.2 (High) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
7.2 (High) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Summary

References

▼	URL	Tags
	psirt@fortinet.com	https://fortiguard.fortinet.com/psirt/FG-IR-24-152	Vendor Advisory

Impacted products

Vendor	Product	Version
fortinet	fortianalyzer	*
fortinet	fortianalyzer	*
fortinet	fortianalyzer	*
fortinet	fortimanager	*
fortinet	fortimanager	*
fortinet	fortimanager	*

JSON

To clipboard

{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:fortinet:fortianalyzer:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "B2B9910D-81A2-4146-9EB3-C7D949FB2C3F",
                     versionEndExcluding: "7.0.13",
                     versionStartIncluding: "6.2.10",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:fortinet:fortianalyzer:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "6FCEF6EE-A923-4DCE-A225-C6D1FB0123E8",
                     versionEndExcluding: "7.2.6",
                     versionStartIncluding: "7.2.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:fortinet:fortianalyzer:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "E6F162A7-0D01-43E0-99D8-D7B87B080853",
                     versionEndExcluding: "7.4.4",
                     versionStartIncluding: "7.4.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:fortinet:fortimanager:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "A0B65AA1-2215-4D35-B3BF-F362EE66014B",
                     versionEndExcluding: "7.0.13",
                     versionStartIncluding: "6.2.10",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:fortinet:fortimanager:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "605795FE-4D3E-48D4-B2E6-AED4C79B405F",
                     versionEndExcluding: "7.2.6",
                     versionStartIncluding: "7.2.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:fortinet:fortimanager:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "3AE9CAFD-5D5B-4799-8690-624225963595",
                     versionEndExcluding: "7.4.4",
                     versionStartIncluding: "7.4.0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "An improper limitation of a pathname to a restricted directory ('path traversal') in Fortinet FortiManager, FortiAnalyzer 7.4.0 through 7.4.3 and 7.2.0 through 7.2.5 and 7.0.2 through 7.0.12 and 6.2.10 through 6.2.13 allows attacker to execute unauthorized code or commands via crafted HTTP or HTTPS requests.",
      },
      {
         lang: "es",
         value: "Una limitación incorrecta de una ruta de acceso a un directorio restringido ('Path Traversal') en Fortinet FortiManager, FortiAnalyzer 7.4.0 a 7.4.3 y 7.2.0 a 7.2.5 y 7.0.2 a 7.0.12 y 6.2.10 a 6.2.13 permite a un atacante ejecutar código o comandos no autorizados a través de solicitudes HTTP o HTTPS manipuladas.",
      },
   ],
   id: "CVE-2024-36512",
   lastModified: "2025-01-31T16:32:26.597",
   metrics: {
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "HIGH",
               baseScore: 7.2,
               baseSeverity: "HIGH",
               confidentialityImpact: "HIGH",
               integrityImpact: "HIGH",
               privilegesRequired: "HIGH",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
               version: "3.1",
            },
            exploitabilityScore: 1.2,
            impactScore: 5.9,
            source: "psirt@fortinet.com",
            type: "Secondary",
         },
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "HIGH",
               baseScore: 7.2,
               baseSeverity: "HIGH",
               confidentialityImpact: "HIGH",
               integrityImpact: "HIGH",
               privilegesRequired: "HIGH",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
               version: "3.1",
            },
            exploitabilityScore: 1.2,
            impactScore: 5.9,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2025-01-14T14:15:30.880",
   references: [
      {
         source: "psirt@fortinet.com",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://fortiguard.fortinet.com/psirt/FG-IR-24-152",
      },
   ],
   sourceIdentifier: "psirt@fortinet.com",
   vulnStatus: "Analyzed",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-22",
            },
         ],
         source: "psirt@fortinet.com",
         type: "Primary",
      },
   ],
}

ghsa-w29f-xpw3-353w

Vulnerability from github

Published

2025-01-14 15:30

Modified

2025-01-14 15:30

Severity ?

7.2 (High) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Details

Show details on source website

JSON

To clipboard

{
   affected: [],
   aliases: [
      "CVE-2024-36512",
   ],
   database_specific: {
      cwe_ids: [
         "CWE-22",
      ],
      github_reviewed: false,
      github_reviewed_at: null,
      nvd_published_at: "2025-01-14T14:15:30Z",
      severity: "HIGH",
   },
   details: "An improper limitation of a pathname to a restricted directory ('path traversal') in Fortinet FortiManager, FortiAnalyzer 7.4.0 through 7.4.3 and 7.2.0 through 7.2.5 and 7.0.2 through 7.0.12 and 6.2.10 through 6.2.13 allows attacker to execute unauthorized code or commands via crafted HTTP or HTTPS requests.",
   id: "GHSA-w29f-xpw3-353w",
   modified: "2025-01-14T15:30:53Z",
   published: "2025-01-14T15:30:53Z",
   references: [
      {
         type: "ADVISORY",
         url: "https://nvd.nist.gov/vuln/detail/CVE-2024-36512",
      },
      {
         type: "WEB",
         url: "https://fortiguard.fortinet.com/psirt/FG-IR-24-152",
      },
   ],
   schema_version: "1.4.0",
   severity: [
      {
         score: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
         type: "CVSS_V3",
      },
   ],
}

wid-sec-w-2025-0096

Vulnerability from csaf_certbund

Published

2025-01-14 23:00

Modified

2025-01-14 23:00

Summary

Fortinet FortiAnalyzer und FortiManager: Mehrere Schwachstellen

Notes

Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.

Produktbeschreibung

FortiAnalyzer ist eine Plattform zur Protokollverwaltung, Analyse und Berichterstellung. FortiManager Security Management Appliances ermöglicht die Verwaltung von Fortinet Network Security Geräten.

Angriff

Ein entfernter authentisierter oder lokaler Angreifer kann mehrere Schwachstellen in Fortinet FortiAnalyzer und Fortinet FortiManager ausnutzen, um Dateien zu manipulieren, erhöhte Rechte zu erlangen und beliebigen Code auszuführen.

Betroffene Betriebssysteme

- Sonstiges

JSON

To clipboard

{
   document: {
      aggregate_severity: {
         text: "mittel",
      },
      category: "csaf_base",
      csaf_version: "2.0",
      distribution: {
         tlp: {
            label: "WHITE",
            url: "https://www.first.org/tlp/",
         },
      },
      lang: "de-DE",
      notes: [
         {
            category: "legal_disclaimer",
            text: "Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.",
         },
         {
            category: "description",
            text: "FortiAnalyzer ist eine Plattform zur Protokollverwaltung, Analyse und Berichterstellung.\r\nFortiManager Security Management Appliances ermöglicht die Verwaltung von Fortinet Network Security Geräten.",
            title: "Produktbeschreibung",
         },
         {
            category: "summary",
            text: "Ein entfernter authentisierter oder lokaler Angreifer kann mehrere Schwachstellen in Fortinet FortiAnalyzer und Fortinet FortiManager ausnutzen, um Dateien zu manipulieren, erhöhte Rechte zu erlangen und beliebigen Code auszuführen.",
            title: "Angriff",
         },
         {
            category: "general",
            text: "- Sonstiges",
            title: "Betroffene Betriebssysteme",
         },
      ],
      publisher: {
         category: "other",
         contact_details: "csaf-provider@cert-bund.de",
         name: "Bundesamt für Sicherheit in der Informationstechnik",
         namespace: "https://www.bsi.bund.de",
      },
      references: [
         {
            category: "self",
            summary: "WID-SEC-W-2025-0096 - CSAF Version",
            url: "https://wid.cert-bund.de/.well-known/csaf/white/2025/wid-sec-w-2025-0096.json",
         },
         {
            category: "self",
            summary: "WID-SEC-2025-0096 - Portal Version",
            url: "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-0096",
         },
         {
            category: "external",
            summary: "FortiGuard PSIRT Advisory FG-IR-24-143 vom 2025-01-14",
            url: "https://www.fortiguard.com/psirt/FG-IR-24-143",
         },
         {
            category: "external",
            summary: "FortiGuard PSIRT Advisory FG-IR-24-127 vom 2025-01-14",
            url: "https://www.fortiguard.com/psirt/FG-IR-24-127",
         },
         {
            category: "external",
            summary: "FortiGuard PSIRT Advisory FG-IR-24-106 vom 2025-01-14",
            url: "https://www.fortiguard.com/psirt/FG-IR-24-106",
         },
         {
            category: "external",
            summary: "FortiGuard PSIRT Advisory FG-IR-24-091 vom 2025-01-14",
            url: "https://www.fortiguard.com/psirt/FG-IR-24-091",
         },
         {
            category: "external",
            summary: "FortiGuard PSIRT Advisory FG-IR-24-165 vom 2025-01-14",
            url: "https://www.fortiguard.com/psirt/FG-IR-24-165",
         },
         {
            category: "external",
            summary: "FortiGuard PSIRT Advisory FG-IR-24-152 vom 2025-01-14",
            url: "https://www.fortiguard.com/psirt/FG-IR-24-152",
         },
      ],
      source_lang: "en-US",
      title: "Fortinet FortiAnalyzer und FortiManager: Mehrere Schwachstellen",
      tracking: {
         current_release_date: "2025-01-14T23:00:00.000+00:00",
         generator: {
            date: "2025-01-15T12:18:23.987+00:00",
            engine: {
               name: "BSI-WID",
               version: "1.3.10",
            },
         },
         id: "WID-SEC-W-2025-0096",
         initial_release_date: "2025-01-14T23:00:00.000+00:00",
         revision_history: [
            {
               date: "2025-01-14T23:00:00.000+00:00",
               number: "1",
               summary: "Initiale Fassung",
            },
         ],
         status: "final",
         version: "1",
      },
   },
   product_tree: {
      branches: [
         {
            branches: [
               {
                  category: "product_name",
                  name: "Fortinet FortiAnalyzer",
                  product: {
                     name: "Fortinet FortiAnalyzer",
                     product_id: "T040175",
                     product_identification_helper: {
                        cpe: "cpe:/a:fortinet:fortianalyzer:-",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "Fortinet FortiManager",
                  product: {
                     name: "Fortinet FortiManager",
                     product_id: "T040177",
                     product_identification_helper: {
                        cpe: "cpe:/a:fortinet:fortimanager:-",
                     },
                  },
               },
            ],
            category: "vendor",
            name: "Fortinet",
         },
      ],
   },
   vulnerabilities: [
      {
         cve: "CVE-2024-33502",
         notes: [
            {
               category: "description",
               text: "Es bestehen mehrere Schwachstellen in Fortinet FortiAnalyzer und Fortinet FortiManager. Diese Schwachstellen betreffen die grafische Benutzeroberfläche aufgrund mehrerer Path-Traversal-Probleme. Ein entfernter, authentisierter Angreifer mit erhöhten Rechten oder mit einem Super-Admin-Profil kann diese Schwachstelle ausnutzen, um über manipulierte HTTP- oder HTTPs-Anfragen Dateien auf dem zugrunde liegenden Dateisystem zu löschen oder zu schreiben.",
            },
         ],
         product_status: {
            known_affected: [
               "T040175",
               "T040177",
            ],
         },
         release_date: "2025-01-14T23:00:00.000+00:00",
         title: "CVE-2024-33502",
      },
      {
         cve: "CVE-2024-36512",
         notes: [
            {
               category: "description",
               text: "Es bestehen mehrere Schwachstellen in Fortinet FortiAnalyzer und Fortinet FortiManager. Diese Schwachstellen betreffen die grafische Benutzeroberfläche aufgrund mehrerer Path-Traversal-Probleme. Ein entfernter, authentisierter Angreifer mit erhöhten Rechten oder mit einem Super-Admin-Profil kann diese Schwachstelle ausnutzen, um über manipulierte HTTP- oder HTTPs-Anfragen Dateien auf dem zugrunde liegenden Dateisystem zu löschen oder zu schreiben.",
            },
         ],
         product_status: {
            known_affected: [
               "T040175",
               "T040177",
            ],
         },
         release_date: "2025-01-14T23:00:00.000+00:00",
         title: "CVE-2024-36512",
      },
      {
         cve: "CVE-2024-33503",
         notes: [
            {
               category: "description",
               text: "Es bestehen mehrere Schwachstellen in Fortinet FortiAnalyzer und Fortinet FortiManager, die auf eine unsachgemäße Verwaltung von Berechtigungen zurückzuführen sind. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um sich durch den Missbrauch falscher Dateisystemberechtigungen erweiterte Rechte zu verschaffen. Eine erfolgreiche Ausnutzung erfordert eine Benutzerinteraktion.",
            },
         ],
         product_status: {
            known_affected: [
               "T040175",
               "T040177",
            ],
         },
         release_date: "2025-01-14T23:00:00.000+00:00",
         title: "CVE-2024-33503",
      },
      {
         cve: "CVE-2024-45331",
         notes: [
            {
               category: "description",
               text: "Es bestehen mehrere Schwachstellen in Fortinet FortiAnalyzer und Fortinet FortiManager, die auf eine unsachgemäße Verwaltung von Berechtigungen zurückzuführen sind. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um sich durch den Missbrauch falscher Dateisystemberechtigungen erweiterte Rechte zu verschaffen. Eine erfolgreiche Ausnutzung erfordert eine Benutzerinteraktion.",
            },
         ],
         product_status: {
            known_affected: [
               "T040175",
               "T040177",
            ],
         },
         release_date: "2025-01-14T23:00:00.000+00:00",
         title: "CVE-2024-45331",
      },
      {
         cve: "CVE-2024-35273",
         notes: [
            {
               category: "description",
               text: "Es bestehen mehrere Schwachstellen in Fortinet FortiAnalyzer und Fortinet FortiManager. Diese Schwachstellen betreffen die grafische Benutzeroberfläche aufgrund mehrerer Sicherheitsprobleme, darunter ein Out-of-Bounds-Write, eine unsachgemäße Neutralisierung spezieller Elemente, die in einem SQL-Befehl verwendet werden, und ein Stack-basierter Überlauf. Ein entfernter, authentisierter Angreifer kann diese Schwachstellen zur Ausführung von beliebigem Code ausnutzen.",
            },
         ],
         product_status: {
            known_affected: [
               "T040175",
               "T040177",
            ],
         },
         release_date: "2025-01-14T23:00:00.000+00:00",
         title: "CVE-2024-35273",
      },
      {
         cve: "CVE-2024-35275",
         notes: [
            {
               category: "description",
               text: "Es bestehen mehrere Schwachstellen in Fortinet FortiAnalyzer und Fortinet FortiManager. Diese Schwachstellen betreffen die grafische Benutzeroberfläche aufgrund mehrerer Sicherheitsprobleme, darunter ein Out-of-Bounds-Write, eine unsachgemäße Neutralisierung spezieller Elemente, die in einem SQL-Befehl verwendet werden, und ein Stack-basierter Überlauf. Ein entfernter, authentisierter Angreifer kann diese Schwachstellen zur Ausführung von beliebigem Code ausnutzen.",
            },
         ],
         product_status: {
            known_affected: [
               "T040175",
               "T040177",
            ],
         },
         release_date: "2025-01-14T23:00:00.000+00:00",
         title: "CVE-2024-35275",
      },
      {
         cve: "CVE-2024-35276",
         notes: [
            {
               category: "description",
               text: "Es bestehen mehrere Schwachstellen in Fortinet FortiAnalyzer und Fortinet FortiManager. Diese Schwachstellen betreffen die grafische Benutzeroberfläche aufgrund mehrerer Sicherheitsprobleme, darunter ein Out-of-Bounds-Write, eine unsachgemäße Neutralisierung spezieller Elemente, die in einem SQL-Befehl verwendet werden, und ein Stack-basierter Überlauf. Ein entfernter, authentisierter Angreifer kann diese Schwachstellen zur Ausführung von beliebigem Code ausnutzen.",
            },
         ],
         product_status: {
            known_affected: [
               "T040175",
               "T040177",
            ],
         },
         release_date: "2025-01-14T23:00:00.000+00:00",
         title: "CVE-2024-35276",
      },
   ],
}

ncsc-2025-0018

Vulnerability from csaf_ncscnl

Published

2025-01-15 13:25

Modified

2025-01-15 13:25

Summary

Kwetsbaarheden verholpen in Fortinet FortiSwitch, FortiManager, FortiAnalyzer, FortiOS en FortiProxy

Notes

The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions: NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein. NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory. This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings.

Feiten

Fortinet heeft kwetsbaarheden verholpen in FortiSwitch, FortiManager, FortiAnalyzer, FortiOS en FortiProxy.

Interpretaties

De kwetsbaarheden omvatten onder andere hard-coded cryptografische sleutels, onjuiste verwerking van OS-commando's, en out-of-bounds schrijf- en leesfouten. Aanvallers kunnen deze kwetsbaarheden misbruiken om ongeautoriseerde toegang te verkrijgen, willekeurige code uit te voeren en Denial-of-Service-aanvallen te veroorzaken.

Oplossingen

Fortinet heeft updates uitgebracht om de kwetsbaarheden te verhelpen. Zie bijgevoegde referenties voor meer informatie.

Kans

medium

Schade

high

CWE-672

Operation on a Resource after Expiration or Release

CWE-1390

Weak Authentication

CWE-201

Insertion of Sensitive Information Into Sent Data

CWE-266

Incorrect Privilege Assignment

CWE-23

Relative Path Traversal

CWE-190

Integer Overflow or Wraparound

CWE-321

Use of Hard-coded Cryptographic Key

CWE-125

Out-of-bounds Read

CWE-306

Missing Authentication for Critical Function

CWE-346

Origin Validation Error

CWE-113

Improper Neutralization of CRLF Sequences in HTTP Headers ('HTTP Request/Response Splitting')

CWE-476

NULL Pointer Dereference

CWE-770

Allocation of Resources Without Limits or Throttling

CWE-22

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

CWE-78

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

CWE-787

Out-of-bounds Write

CWE-121

Stack-based Buffer Overflow

CWE-89

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

JSON

To clipboard

{
   document: {
      category: "csaf_security_advisory",
      csaf_version: "2.0",
      distribution: {
         tlp: {
            label: "WHITE",
         },
      },
      lang: "nl",
      notes: [
         {
            category: "legal_disclaimer",
            text: "The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions:\n\n    NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein.\n\n    NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory.\n    This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings.",
         },
         {
            category: "description",
            text: "Fortinet heeft kwetsbaarheden verholpen in FortiSwitch, FortiManager, FortiAnalyzer, FortiOS en FortiProxy.",
            title: "Feiten",
         },
         {
            category: "description",
            text: "De kwetsbaarheden omvatten onder andere hard-coded cryptografische sleutels, onjuiste verwerking van OS-commando's, en out-of-bounds schrijf- en leesfouten. Aanvallers kunnen deze kwetsbaarheden misbruiken om ongeautoriseerde toegang te verkrijgen, willekeurige code uit te voeren en Denial-of-Service-aanvallen te veroorzaken. ",
            title: "Interpretaties",
         },
         {
            category: "description",
            text: "Fortinet heeft updates uitgebracht om de kwetsbaarheden te verhelpen. Zie bijgevoegde referenties voor meer informatie.",
            title: "Oplossingen",
         },
         {
            category: "general",
            text: "medium",
            title: "Kans",
         },
         {
            category: "general",
            text: "high",
            title: "Schade",
         },
         {
            category: "general",
            text: "Operation on a Resource after Expiration or Release",
            title: "CWE-672",
         },
         {
            category: "general",
            text: "Weak Authentication",
            title: "CWE-1390",
         },
         {
            category: "general",
            text: "Insertion of Sensitive Information Into Sent Data",
            title: "CWE-201",
         },
         {
            category: "general",
            text: "Incorrect Privilege Assignment",
            title: "CWE-266",
         },
         {
            category: "general",
            text: "Relative Path Traversal",
            title: "CWE-23",
         },
         {
            category: "general",
            text: "Integer Overflow or Wraparound",
            title: "CWE-190",
         },
         {
            category: "general",
            text: "Use of Hard-coded Cryptographic Key",
            title: "CWE-321",
         },
         {
            category: "general",
            text: "Out-of-bounds Read",
            title: "CWE-125",
         },
         {
            category: "general",
            text: "Missing Authentication for Critical Function",
            title: "CWE-306",
         },
         {
            category: "general",
            text: "Origin Validation Error",
            title: "CWE-346",
         },
         {
            category: "general",
            text: "Improper Neutralization of CRLF Sequences in HTTP Headers ('HTTP Request/Response Splitting')",
            title: "CWE-113",
         },
         {
            category: "general",
            text: "NULL Pointer Dereference",
            title: "CWE-476",
         },
         {
            category: "general",
            text: "Allocation of Resources Without Limits or Throttling",
            title: "CWE-770",
         },
         {
            category: "general",
            text: "Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')",
            title: "CWE-22",
         },
         {
            category: "general",
            text: "Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')",
            title: "CWE-78",
         },
         {
            category: "general",
            text: "Out-of-bounds Write",
            title: "CWE-787",
         },
         {
            category: "general",
            text: "Stack-based Buffer Overflow",
            title: "CWE-121",
         },
         {
            category: "general",
            text: "Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')",
            title: "CWE-89",
         },
      ],
      publisher: {
         category: "coordinator",
         contact_details: "cert@ncsc.nl",
         name: "Nationaal Cyber Security Centrum",
         namespace: "https://www.ncsc.nl/",
      },
      references: [
         {
            category: "external",
            summary: "Reference - ncscclear",
            url: "https://www.fortiguard.com/psirt/FG-IR-24-239",
         },
         {
            category: "external",
            summary: "Reference - ncscclear",
            url: "https://www.fortiguard.com/psirt/FG-IR-24-143",
         },
         {
            category: "external",
            summary: "Reference - ncscclear",
            url: "https://www.fortiguard.com/psirt/FG-IR-24-097",
         },
         {
            category: "external",
            summary: "Reference - ncscclear",
            url: "https://www.fortiguard.com/psirt/FG-IR-24-152",
         },
         {
            category: "external",
            summary: "Reference - ncscclear",
            url: "https://www.fortiguard.com/psirt/FG-IR-24-222",
         },
         {
            category: "external",
            summary: "Reference - ncscclear",
            url: "https://www.fortiguard.com/psirt/FG-IR-24-326",
         },
         {
            category: "external",
            summary: "Reference - ncscclear",
            url: "https://www.fortiguard.com/psirt/FG-IR-24-282",
         },
         {
            category: "external",
            summary: "Reference - ncscclear",
            url: "https://www.fortiguard.com/psirt/FG-IR-23-405",
         },
         {
            category: "external",
            summary: "Reference - certbundde",
            url: "https://www.fortiguard.com/psirt/FG-IR-23-260",
         },
         {
            category: "external",
            summary: "Reference - ncscclear",
            url: "https://www.fortiguard.com/psirt/FG-IR-23-407",
         },
         {
            category: "external",
            summary: "Reference - ncscclear",
            url: "https://www.fortiguard.com/psirt/FG-IR-24-267",
         },
         {
            category: "external",
            summary: "Reference - ncscclear",
            url: "https://www.fortiguard.com/psirt/FG-IR-24-135",
         },
         {
            category: "external",
            summary: "Reference - ncscclear",
            url: "https://www.fortiguard.com/psirt/FG-IR-24-219",
         },
         {
            category: "external",
            summary: "Reference - ncscclear",
            url: "https://www.fortiguard.com/psirt/FG-IR-24-127",
         },
         {
            category: "external",
            summary: "Reference - ncscclear",
            url: "https://www.fortiguard.com/psirt/FG-IR-23-293",
         },
         {
            category: "external",
            summary: "Reference - ncscclear",
            url: "https://www.fortiguard.com/psirt/FG-IR-24-463",
         },
         {
            category: "external",
            summary: "Reference - ncscclear",
            url: "https://www.fortiguard.com/psirt/FG-IR-24-061",
         },
         {
            category: "external",
            summary: "Reference - ncscclear",
            url: "https://www.fortiguard.com/psirt/FG-IR-24-373",
         },
         {
            category: "external",
            summary: "Reference - ncscclear",
            url: "https://www.fortiguard.com/psirt/FG-IR-24-259",
         },
         {
            category: "external",
            summary: "Reference - ncscclear",
            url: "https://www.fortiguard.com/psirt/FG-IR-24-106",
         },
         {
            category: "external",
            summary: "Reference - certbundde",
            url: "https://www.fortiguard.com/psirt/FG-IR-23-258",
         },
         {
            category: "external",
            summary: "Reference - ncscclear",
            url: "https://www.fortiguard.com/psirt/FG-IR-24-091",
         },
         {
            category: "external",
            summary: "Reference - ncscclear",
            url: "https://www.fortiguard.com/psirt/FG-IR-23-473",
         },
         {
            category: "external",
            summary: "Reference - ncscclear",
            url: "https://www.fortiguard.com/psirt/FG-IR-24-165",
         },
         {
            category: "external",
            summary: "Reference - ncscclear",
            url: "https://www.fortiguard.com/psirt/FG-IR-24-250",
         },
         {
            category: "external",
            summary: "Reference - ncscclear",
            url: "https://www.fortiguard.com/psirt/FG-IR-24-221",
         },
         {
            category: "external",
            summary: "Reference - ncscclear",
            url: "https://www.fortiguard.com/psirt/FG-IR-23-494",
         },
      ],
      title: "Kwetsbaarheden verholpen in Fortinet FortiSwitch, FortiManager, FortiAnalyzer, FortiOS en FortiProxy",
      tracking: {
         current_release_date: "2025-01-15T13:25:32.904961Z",
         id: "NCSC-2025-0018",
         initial_release_date: "2025-01-15T13:25:32.904961Z",
         revision_history: [
            {
               date: "2025-01-15T13:25:32.904961Z",
               number: "0",
               summary: "Initiele versie",
            },
         ],
         status: "final",
         version: "1.0.0",
      },
   },
   product_tree: {
      branches: [
         {
            branches: [
               {
                  category: "product_name",
                  name: "fortiswitch",
                  product: {
                     name: "fortiswitch",
                     product_id: "CSAFPID-113747",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:fortinet:fortiswitch:*:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "fortianalyzer",
                  product: {
                     name: "fortianalyzer",
                     product_id: "CSAFPID-113748",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:fortinet:fortianalyzer:*:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "fortiproxy",
                  product: {
                     name: "fortiproxy",
                     product_id: "CSAFPID-265532",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "fortios",
                  product: {
                     name: "fortios",
                     product_id: "CSAFPID-113752",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:fortinet:fortios:*:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "fortimanager",
                  product: {
                     name: "fortimanager",
                     product_id: "CSAFPID-233785",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:fortinet:fortimanager:*:*:*:*:*:*:*:*",
                     },
                  },
               },
            ],
            category: "vendor",
            name: "fortinet",
         },
      ],
   },
   vulnerabilities: [
      {
         cve: "CVE-2022-23439",
         references: [
            {
               category: "self",
               summary: "CVE-2022-23439",
               url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2022/CVE-2022-23439.json",
            },
         ],
         title: "CVE-2022-23439",
      },
      {
         cve: "CVE-2023-37936",
         cwe: {
            id: "CWE-321",
            name: "Use of Hard-coded Cryptographic Key",
         },
         notes: [
            {
               category: "other",
               text: "Use of Hard-coded Cryptographic Key",
               title: "CWE-321",
            },
         ],
         product_status: {
            known_affected: [
               "CSAFPID-113747",
            ],
         },
         references: [
            {
               category: "self",
               summary: "CVE-2023-37936",
               url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-37936.json",
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 9.8,
                  baseSeverity: "CRITICAL",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:F/RL:X/RC:C",
                  version: "3.1",
               },
               products: [
                  "CSAFPID-113747",
               ],
            },
         ],
         title: "CVE-2023-37936",
      },
      {
         cve: "CVE-2023-37937",
         cwe: {
            id: "CWE-78",
            name: "Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')",
         },
         notes: [
            {
               category: "other",
               text: "Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')",
               title: "CWE-78",
            },
         ],
         product_status: {
            known_affected: [
               "CSAFPID-113747",
            ],
         },
         references: [
            {
               category: "self",
               summary: "CVE-2023-37937",
               url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-37937.json",
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 7.8,
                  baseSeverity: "HIGH",
                  vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:F/RL:X/RC:C",
                  version: "3.1",
               },
               products: [
                  "CSAFPID-113747",
               ],
            },
         ],
         title: "CVE-2023-37937",
      },
      {
         cve: "CVE-2023-42785",
         cwe: {
            id: "CWE-476",
            name: "NULL Pointer Dereference",
         },
         notes: [
            {
               category: "other",
               text: "NULL Pointer Dereference",
               title: "CWE-476",
            },
         ],
         references: [
            {
               category: "self",
               summary: "CVE-2023-42785",
               url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-42785.json",
            },
         ],
         title: "CVE-2023-42785",
      },
      {
         cve: "CVE-2023-42791",
         cwe: {
            id: "CWE-23",
            name: "Relative Path Traversal",
         },
         notes: [
            {
               category: "other",
               text: "Relative Path Traversal",
               title: "CWE-23",
            },
            {
               category: "other",
               text: "Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')",
               title: "CWE-22",
            },
         ],
         references: [
            {
               category: "self",
               summary: "CVE-2023-42791",
               url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-42791.json",
            },
         ],
         title: "CVE-2023-42791",
      },
      {
         cve: "CVE-2023-46715",
         cwe: {
            id: "CWE-346",
            name: "Origin Validation Error",
         },
         notes: [
            {
               category: "other",
               text: "Origin Validation Error",
               title: "CWE-346",
            },
         ],
         product_status: {
            known_affected: [
               "CSAFPID-265532",
               "CSAFPID-113752",
            ],
         },
         references: [
            {
               category: "self",
               summary: "CVE-2023-46715",
               url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-46715.json",
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 5,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:N/E:P/RL:X/RC:C",
                  version: "3.1",
               },
               products: [
                  "CSAFPID-265532",
                  "CSAFPID-113752",
               ],
            },
         ],
         title: "CVE-2023-46715",
      },
      {
         cve: "CVE-2024-21762",
         cwe: {
            id: "CWE-787",
            name: "Out-of-bounds Write",
         },
         notes: [
            {
               category: "other",
               text: "Out-of-bounds Write",
               title: "CWE-787",
            },
         ],
         product_status: {
            known_affected: [
               "CSAFPID-113752",
               "CSAFPID-265532",
            ],
         },
         references: [
            {
               category: "self",
               summary: "CVE-2024-21762",
               url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-21762.json",
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 9.8,
                  baseSeverity: "CRITICAL",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H/RL:W/RC:C",
                  version: "3.1",
               },
               products: [
                  "CSAFPID-113752",
                  "CSAFPID-265532",
               ],
            },
         ],
         title: "CVE-2024-21762",
      },
      {
         cve: "CVE-2024-26012",
         cwe: {
            id: "CWE-78",
            name: "Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')",
         },
         notes: [
            {
               category: "other",
               text: "Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')",
               title: "CWE-78",
            },
         ],
         references: [
            {
               category: "self",
               summary: "CVE-2024-26012",
               url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-26012.json",
            },
         ],
         title: "CVE-2024-26012",
      },
      {
         cve: "CVE-2024-27778",
         cwe: {
            id: "CWE-78",
            name: "Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')",
         },
         notes: [
            {
               category: "other",
               text: "Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')",
               title: "CWE-78",
            },
         ],
         references: [
            {
               category: "self",
               summary: "CVE-2024-27778",
               url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-27778.json",
            },
         ],
         title: "CVE-2024-27778",
      },
      {
         cve: "CVE-2024-32115",
         cwe: {
            id: "CWE-22",
            name: "Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')",
         },
         notes: [
            {
               category: "other",
               text: "Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')",
               title: "CWE-22",
            },
            {
               category: "other",
               text: "Relative Path Traversal",
               title: "CWE-23",
            },
         ],
         product_status: {
            known_affected: [
               "CSAFPID-233785",
            ],
         },
         references: [
            {
               category: "self",
               summary: "CVE-2024-32115",
               url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-32115.json",
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 5.5,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H/E:P/RL:U/RC:C",
                  version: "3.1",
               },
               products: [
                  "CSAFPID-233785",
               ],
            },
         ],
         title: "CVE-2024-32115",
      },
      {
         cve: "CVE-2024-33502",
         cwe: {
            id: "CWE-22",
            name: "Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')",
         },
         notes: [
            {
               category: "other",
               text: "Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')",
               title: "CWE-22",
            },
         ],
         product_status: {
            known_affected: [
               "CSAFPID-113748",
               "CSAFPID-233785",
            ],
         },
         references: [
            {
               category: "self",
               summary: "CVE-2024-33502",
               url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-33502.json",
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 6.5,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H/E:F/RL:X/RC:C",
                  version: "3.1",
               },
               products: [
                  "CSAFPID-113748",
                  "CSAFPID-233785",
               ],
            },
         ],
         title: "CVE-2024-33502",
      },
      {
         cve: "CVE-2024-33503",
         cwe: {
            id: "CWE-266",
            name: "Incorrect Privilege Assignment",
         },
         notes: [
            {
               category: "other",
               text: "Incorrect Privilege Assignment",
               title: "CWE-266",
            },
         ],
         references: [
            {
               category: "self",
               summary: "CVE-2024-33503",
               url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-33503.json",
            },
         ],
         title: "CVE-2024-33503",
      },
      {
         cve: "CVE-2024-35273",
         cwe: {
            id: "CWE-787",
            name: "Out-of-bounds Write",
         },
         notes: [
            {
               category: "other",
               text: "Out-of-bounds Write",
               title: "CWE-787",
            },
         ],
         references: [
            {
               category: "self",
               summary: "CVE-2024-35273",
               url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-35273.json",
            },
         ],
         title: "CVE-2024-35273",
      },
      {
         cve: "CVE-2024-35275",
         cwe: {
            id: "CWE-89",
            name: "Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')",
         },
         notes: [
            {
               category: "other",
               text: "Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')",
               title: "CWE-89",
            },
         ],
         references: [
            {
               category: "self",
               summary: "CVE-2024-35275",
               url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-35275.json",
            },
         ],
         title: "CVE-2024-35275",
      },
      {
         cve: "CVE-2024-35276",
         cwe: {
            id: "CWE-121",
            name: "Stack-based Buffer Overflow",
         },
         notes: [
            {
               category: "other",
               text: "Stack-based Buffer Overflow",
               title: "CWE-121",
            },
         ],
         references: [
            {
               category: "self",
               summary: "CVE-2024-35276",
               url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-35276.json",
            },
         ],
         title: "CVE-2024-35276",
      },
      {
         cve: "CVE-2024-35277",
         cwe: {
            id: "CWE-306",
            name: "Missing Authentication for Critical Function",
         },
         notes: [
            {
               category: "other",
               text: "Missing Authentication for Critical Function",
               title: "CWE-306",
            },
         ],
         references: [
            {
               category: "self",
               summary: "CVE-2024-35277",
               url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-35277.json",
            },
         ],
         title: "CVE-2024-35277",
      },
      {
         cve: "CVE-2024-36504",
         cwe: {
            id: "CWE-125",
            name: "Out-of-bounds Read",
         },
         notes: [
            {
               category: "other",
               text: "Out-of-bounds Read",
               title: "CWE-125",
            },
         ],
         references: [
            {
               category: "self",
               summary: "CVE-2024-36504",
               url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-36504.json",
            },
         ],
         title: "CVE-2024-36504",
      },
      {
         cve: "CVE-2024-36512",
         cwe: {
            id: "CWE-22",
            name: "Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')",
         },
         notes: [
            {
               category: "other",
               text: "Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')",
               title: "CWE-22",
            },
         ],
         product_status: {
            known_affected: [
               "CSAFPID-113748",
               "CSAFPID-233785",
            ],
         },
         references: [
            {
               category: "self",
               summary: "CVE-2024-36512",
               url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-36512.json",
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 7.2,
                  baseSeverity: "HIGH",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:F/RL:X/RC:C",
                  version: "3.1",
               },
               products: [
                  "CSAFPID-113748",
                  "CSAFPID-233785",
               ],
            },
         ],
         title: "CVE-2024-36512",
      },
      {
         cve: "CVE-2024-46662",
         product_status: {
            known_affected: [
               "CSAFPID-233785",
            ],
         },
         references: [
            {
               category: "self",
               summary: "CVE-2024-46662",
               url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-46662.json",
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 8.8,
                  baseSeverity: "HIGH",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:F/RL:W/RC:C",
                  version: "3.1",
               },
               products: [
                  "CSAFPID-233785",
               ],
            },
         ],
         title: "CVE-2024-46662",
      },
      {
         cve: "CVE-2024-46665",
         cwe: {
            id: "CWE-201",
            name: "Insertion of Sensitive Information Into Sent Data",
         },
         notes: [
            {
               category: "other",
               text: "Insertion of Sensitive Information Into Sent Data",
               title: "CWE-201",
            },
         ],
         product_status: {
            known_affected: [
               "CSAFPID-113752",
            ],
         },
         references: [
            {
               category: "self",
               summary: "CVE-2024-46665",
               url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-46665.json",
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 3.7,
                  baseSeverity: "LOW",
                  vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N/E:P/RL:X/RC:C",
                  version: "3.1",
               },
               products: [
                  "CSAFPID-113752",
               ],
            },
         ],
         title: "CVE-2024-46665",
      },
      {
         cve: "CVE-2024-46666",
         cwe: {
            id: "CWE-770",
            name: "Allocation of Resources Without Limits or Throttling",
         },
         notes: [
            {
               category: "other",
               text: "Allocation of Resources Without Limits or Throttling",
               title: "CWE-770",
            },
         ],
         references: [
            {
               category: "self",
               summary: "CVE-2024-46666",
               url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-46666.json",
            },
         ],
         title: "CVE-2024-46666",
      },
      {
         cve: "CVE-2024-46668",
         cwe: {
            id: "CWE-770",
            name: "Allocation of Resources Without Limits or Throttling",
         },
         notes: [
            {
               category: "other",
               text: "Allocation of Resources Without Limits or Throttling",
               title: "CWE-770",
            },
         ],
         references: [
            {
               category: "self",
               summary: "CVE-2024-46668",
               url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-46668.json",
            },
         ],
         title: "CVE-2024-46668",
      },
      {
         cve: "CVE-2024-46669",
         cwe: {
            id: "CWE-190",
            name: "Integer Overflow or Wraparound",
         },
         notes: [
            {
               category: "other",
               text: "Integer Overflow or Wraparound",
               title: "CWE-190",
            },
         ],
         references: [
            {
               category: "self",
               summary: "CVE-2024-46669",
               url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-46669.json",
            },
         ],
         title: "CVE-2024-46669",
      },
      {
         cve: "CVE-2024-46670",
         cwe: {
            id: "CWE-125",
            name: "Out-of-bounds Read",
         },
         notes: [
            {
               category: "other",
               text: "Out-of-bounds Read",
               title: "CWE-125",
            },
         ],
         product_status: {
            known_affected: [
               "CSAFPID-265532",
            ],
         },
         references: [
            {
               category: "self",
               summary: "CVE-2024-46670",
               url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-46670.json",
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 7.5,
                  baseSeverity: "HIGH",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:X/RL:X/RC:X",
                  version: "3.1",
               },
               products: [
                  "CSAFPID-265532",
               ],
            },
         ],
         title: "CVE-2024-46670",
      },
      {
         cve: "CVE-2024-47571",
         cwe: {
            id: "CWE-672",
            name: "Operation on a Resource after Expiration or Release",
         },
         notes: [
            {
               category: "other",
               text: "Operation on a Resource after Expiration or Release",
               title: "CWE-672",
            },
         ],
         product_status: {
            known_affected: [
               "CSAFPID-233785",
            ],
         },
         references: [
            {
               category: "self",
               summary: "CVE-2024-47571",
               url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-47571.json",
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 8.1,
                  baseSeverity: "HIGH",
                  vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:F/RL:X/RC:C",
                  version: "3.1",
               },
               products: [
                  "CSAFPID-233785",
               ],
            },
         ],
         title: "CVE-2024-47571",
      },
      {
         cve: "CVE-2024-48884",
         cwe: {
            id: "CWE-22",
            name: "Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')",
         },
         notes: [
            {
               category: "other",
               text: "Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')",
               title: "CWE-22",
            },
         ],
         product_status: {
            known_affected: [
               "CSAFPID-265532",
            ],
         },
         references: [
            {
               category: "self",
               summary: "CVE-2024-48884",
               url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-48884.json",
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 7.5,
                  baseSeverity: "HIGH",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:U/RC:C",
                  version: "3.1",
               },
               products: [
                  "CSAFPID-265532",
               ],
            },
         ],
         title: "CVE-2024-48884",
      },
      {
         cve: "CVE-2024-48886",
         cwe: {
            id: "CWE-1390",
            name: "Weak Authentication",
         },
         notes: [
            {
               category: "other",
               text: "Weak Authentication",
               title: "CWE-1390",
            },
         ],
         product_status: {
            known_affected: [
               "CSAFPID-265532",
            ],
         },
         references: [
            {
               category: "self",
               summary: "CVE-2024-48886",
               url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-48886.json",
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 9,
                  baseSeverity: "CRITICAL",
                  vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H/E:F/RL:O/RC:R",
                  version: "3.1",
               },
               products: [
                  "CSAFPID-265532",
               ],
            },
         ],
         title: "CVE-2024-48886",
      },
      {
         cve: "CVE-2024-50566",
         cwe: {
            id: "CWE-78",
            name: "Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')",
         },
         notes: [
            {
               category: "other",
               text: "Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')",
               title: "CWE-78",
            },
         ],
         references: [
            {
               category: "self",
               summary: "CVE-2024-50566",
               url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-50566.json",
            },
         ],
         title: "CVE-2024-50566",
      },
      {
         cve: "CVE-2024-52963",
         cwe: {
            id: "CWE-787",
            name: "Out-of-bounds Write",
         },
         notes: [
            {
               category: "other",
               text: "Out-of-bounds Write",
               title: "CWE-787",
            },
         ],
         product_status: {
            known_affected: [
               "CSAFPID-265532",
            ],
         },
         references: [
            {
               category: "self",
               summary: "CVE-2024-52963",
               url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-52963.json",
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 3.7,
                  baseSeverity: "LOW",
                  vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L/E:F/RL:W/RC:C",
                  version: "3.1",
               },
               products: [
                  "CSAFPID-265532",
               ],
            },
         ],
         title: "CVE-2024-52963",
      },
      {
         cve: "CVE-2024-54021",
         cwe: {
            id: "CWE-113",
            name: "Improper Neutralization of CRLF Sequences in HTTP Headers ('HTTP Request/Response Splitting')",
         },
         notes: [
            {
               category: "other",
               text: "Improper Neutralization of CRLF Sequences in HTTP Headers ('HTTP Request/Response Splitting')",
               title: "CWE-113",
            },
         ],
         product_status: {
            known_affected: [
               "CSAFPID-265532",
               "CSAFPID-113752",
            ],
         },
         references: [
            {
               category: "self",
               summary: "CVE-2024-54021",
               url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-54021.json",
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 6.5,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L/E:F/RL:X/RC:C",
                  version: "3.1",
               },
               products: [
                  "CSAFPID-265532",
                  "CSAFPID-113752",
               ],
            },
         ],
         title: "CVE-2024-54021",
      },
   ],
}

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

CVE-2024-36512 (GCVE-0-2024-36512)

Vulnerability from cvelistv5

fkie_cve-2024-36512

Vulnerability from fkie_nvd

ghsa-w29f-xpw3-353w

Vulnerability from github

wid-sec-w-2025-0096

Vulnerability from csaf_certbund

ncsc-2025-0018

Vulnerability from csaf_ncscnl

Tags

Sightings

Nomenclature