8.4
CVE-2024-52968
- EPSS 0.05%
- Veröffentlicht 11.02.2025 17:15:23
- Zuletzt bearbeitet 16.07.2025 15:15:25
- Quelle psirt@fortinet.com
- Teams Watchlist Login
- Unerledigt Login
An improper authentication in Fortinet FortiClientMac 7.0.11 through 7.2.4 allows attacker to gain improper access to MacOS via empty password.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Fortinet ≫ FortiClient SwPlatformmacos Version >= 7.0.11 < 7.0.13
Fortinet ≫ FortiClient SwPlatformmacos Version >= 7.2.3 < 7.2.5
Fortinet ≫ FortiClient Version7.4.0 SwPlatformmacos
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.05% | 0.13 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 8.4 | 2.5 | 5.9 |
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
|
| psirt@fortinet.com | 6.7 | 0.8 | 5.9 |
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
|
CWE-287 Improper Authentication
When an actor claims to have a given identity, the product does not prove or insufficiently proves that the claim is correct.