CVE-2024-45331
EUVD-2024-4127616.01.2025, 09:15
A incorrect privilege assignment vulnerability in Fortinet FortiAnalyzer 7.4.0 through 7.4.3, FortiAnalyzer 7.2.0 through 7.2.5, FortiAnalyzer 7.0 all versions, FortiAnalyzer 6.4 all versions, FortiAnalyzer Cloud 7.4.1 through 7.4.2, FortiAnalyzer Cloud 7.2.1 through 7.2.6, FortiAnalyzer Cloud 7.0 all versions, FortiAnalyzer Cloud 6.4 all versions, FortiManager 7.4.0 through 7.4.3, FortiManager 7.2.0 through 7.2.5, FortiManager 7.0 all versions, FortiManager 6.4 all versions allows attacker to escalate privilege via specific shell commandsEnginsight
Affected Products (NVD)
| Vendor | Product | Version |
|---|---|---|
| fortinet | fortianalyzer | 6.4.0 ≤ 𝑥 < 7.2.6 |
| fortinet | fortianalyzer | 7.4.0 ≤ 𝑥 < 7.4.4 |
| fortinet | fortianalyzer_cloud | 6.4.1 ≤ 𝑥 < 7.2.7 |
| fortinet | fortianalyzer_cloud | 7.4.1 ≤ 𝑥 < 7.4.3 |
| fortinet | fortimanager | 6.4.0 ≤ 𝑥 < 7.2.6 |
| fortinet | fortimanager | 7.4.0 ≤ 𝑥 < 7.4.4 |
| fortinet | fortimanager_cloud | 7.0.1 ≤ 𝑥 < 7.2.7 |
| fortinet | fortimanager_cloud | 7.4.1 ≤ 𝑥 < 7.4.4 |
𝑥
= Vulnerable software versions
Common Weakness Enumeration