ГлавнаяУязвимости → CVE-2024-35277
8.6высокая

CVE-2024-35277

Описание

A missing authentication for critical function in Fortinet FortiPortal version 6.0.0 through 6.0.15, FortiManager version 7.4.0 through 7.4.2, 7.2.0 through 7.2.5, 7.0.0 through 7.0.12, 6.4.0 through 6.4.14 allows attacker to access to the configuration of the managed devices by sending specifically crafted packets

Затрагиваемое ПО
Fortinet FortimanagerFortinet Fortimanager cloud
CVSS
Балл8.6 — высокая
ВекторCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N
Источники
https://fortiguard.fortinet.com/psirt/FG-IR-24-135