CVE-2021-24008
CVSS 3.1 Score 5.3 of 10 (medium)
Details
Summary
CVE-2021-24008 is a vulnerability affecting multiple Fortinet products, including FortiDDoS, FortiVoice, FortiRecorder, and FortiMail. This issue, categorized as CWE-497, exposes sensitive system information to an unauthorized control sphere. An attacker can exploit this vulnerability remotely and without authentication to access potentially sensitive software-version information by reading a JavaScript file. Affected versions include FortiDDoS 5.4.0 and below, FortiDDoS-CM 5.3.0 and below, FortiVoice 6.0.6 and below, FortiRecorder 6.0.3 and below, FortiMail 6.4.1 and below, version 6.2.4 and below, version 6.0.9 and below for FortiDDoS, FortiDDoS-CM, FortiVoice, and FortiRecorder respectively, and version 5.0.0 and below for FortiMail.