exploitDog

GHSA-w3ph-4wxh-3hvv

Опубликовано: 16 янв. 2025

Источник: github

Github: Не прошло ревью

CVSS3: 7.3

Описание

A weak authentication in Fortinet FortiManager Cloud, FortiAnalyzer versions 7.6.0 through 7.6.1, 7.4.1 through 7.4.3, FortiAnalyzer Cloud versions 7.4.1 through 7.4.3, FortiManager versions 7.6.0 through 7.6.1, 7.4.1 through 7.4.3, FortiManager Cloud versions 7.4.1 through 7.4.3 allows attacker to execute unauthorized code or commands via a brute-force attack.

A weak authentication in Fortinet FortiManager Cloud, FortiAnalyzer versions 7.6.0 through 7.6.1, 7.4.1 through 7.4.3, FortiAnalyzer Cloud versions 7.4.1 through 7.4.3, FortiManager versions 7.6.0 through 7.6.1, 7.4.1 through 7.4.3, FortiManager Cloud versions 7.4.1 through 7.4.3 allows attacker to execute unauthorized code or commands via a brute-force attack.

Ссылки

EPSS

Процентиль: 54%

0.00309

Низкий

7.3 High

CVSS3

CVE ID

Дефекты

CWE-1390

Связанные уязвимости

CVE-2024-50563

CVSS3: 7.3

nvd

около 1 года назад

A weak authentication in Fortinet FortiManager Cloud, FortiAnalyzer versions 7.6.0 through 7.6.1, 7.4.1 through 7.4.3, FortiAnalyzer Cloud versions 7.4.1 through 7.4.3, FortiManager versions 7.6.0 through 7.6.1, 7.4.1 through 7.4.3, FortiManager Cloud versions 7.4.1 through 7.4.3 allows attacker to execute unauthorized code or commands via a brute-force attack.

BDU:2025-00471

CVSS3: 7.3

fstec

около 1 года назад

Уязвимость демона csfd программных продуктов Fortinet, позволяющая нарушителю выполнить произвольный код или команды

EPSS

Процентиль: 54%

0.00309

Низкий

7.3 High

CVSS3

CVE ID

Дефекты

CWE-1390