9.8
CVE-2024-47571
- EPSS 1.28%
- Veröffentlicht 14.01.2025 14:15:32
- Zuletzt bearbeitet 19.03.2025 16:03:34
- Quelle psirt@fortinet.com
- CVE-Watchlists
- Unerledigt
An operation on a resource after expiration or release in Fortinet FortiManager 6.4.12 through 7.4.0 allows an attacker to gain improper access to FortiGate via valid credentials.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Fortinet ≫ Fortimanager Version >= 7.0.7 < 7.0.9
Fortinet ≫ Fortimanager Version6.4.12
Fortinet ≫ Fortimanager Version7.2.3
Fortinet ≫ Fortimanager Version7.4.0
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. 
Login
Login| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 1.28% | 0.796 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 9.8 | 3.9 | 5.9 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
|
| psirt@fortinet.com | 8.1 | 2.2 | 5.9 |
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
|
CWE-672 Operation on a Resource after Expiration or Release
The product uses, accesses, or otherwise operates on a resource after that resource has been expired, released, or revoked.