CVE-2024-21757
CVSS 3.1 Score 7.8 of 10 (high)
Details
Summary
CVE-2024-21757 is a vulnerability affecting Fortinet FortiManager and FortiAnalyzer. An unauthenticated attacker can exploit this issue by modifying admin passwords through the device configuration backup. FortiManager versions 7.0.0 through 7.0.10, 7.2.0 through 7.2.4, and 7.4.0 through 7.4.1, and the corresponding versions of FortiAnalyzer, are impacted. The vulnerability poses a significant risk, because an attacker who gains access to these systems with administrative privileges can cause extensive damage. Fortinet has released patches to address this issue, and administrators are urged to apply them promptly to mitigate the threat.
Affected Products
- FortiManager
- FortiAnalyzer
Affected Vendors
- Fortinet