Количество 3
Количество 3
CVE-2024-21757
A unverified password change in Fortinet FortiManager versions 7.0.0 through 7.0.10, versions 7.2.0 through 7.2.4, and versions 7.4.0 through 7.4.1, as well as Fortinet FortiAnalyzer versions 7.0.0 through 7.0.10, versions 7.2.0 through 7.2.4, and versions 7.4.0 through 7.4.1, allows an attacker to modify admin passwords via the device configuration backup.
GHSA-q5q5-qr9g-74ch
A unverified password change in Fortinet FortiManager versions 7.0.0 through 7.0.10, versions 7.2.0 through 7.2.4, and versions 7.4.0 through 7.4.1, as well as Fortinet FortiAnalyzer versions 7.0.0 through 7.0.10, versions 7.2.0 through 7.2.4, and versions 7.4.0 through 7.4.1, allows an attacker to modify admin passwords via the device configuration backup.
BDU:2024-07675
Уязвимость программного средства для централизованного управления устройствами Fortinet FortiManager и межсетевого экрана FortiAnalyzer, связанная с отсутствием необходимой проверки при изменении пароля, позволяющая нарушителю изменять пароли администратора
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2024-21757 A unverified password change in Fortinet FortiManager versions 7.0.0 through 7.0.10, versions 7.2.0 through 7.2.4, and versions 7.4.0 through 7.4.1, as well as Fortinet FortiAnalyzer versions 7.0.0 through 7.0.10, versions 7.2.0 through 7.2.4, and versions 7.4.0 through 7.4.1, allows an attacker to modify admin passwords via the device configuration backup. | CVSS3: 6.1 | 0% Низкий | больше 1 года назад |
| GHSA-q5q5-qr9g-74ch A unverified password change in Fortinet FortiManager versions 7.0.0 through 7.0.10, versions 7.2.0 through 7.2.4, and versions 7.4.0 through 7.4.1, as well as Fortinet FortiAnalyzer versions 7.0.0 through 7.0.10, versions 7.2.0 through 7.2.4, and versions 7.4.0 through 7.4.1, allows an attacker to modify admin passwords via the device configuration backup. | CVSS3: 6.1 | 0% Низкий | больше 1 года назад |
 | BDU:2024-07675 Уязвимость программного средства для централизованного управления устройствами Fortinet FortiManager и межсетевого экрана FortiAnalyzer, связанная с отсутствием необходимой проверки при изменении пароля, позволяющая нарушителю изменять пароли администратора | CVSS3: 7.8 | 0% Низкий | около 2 лет назад |
Уязвимостей на страницу