CVE-2024-32116
CVSS 3.1 Score 5.1 of 10 (medium)
Details
Summary
CVE-2024-32116 is a critical vulnerability affecting Fortinet FortiManager versions 7.4.0 through 7.4.2 and older versions 7.2.5, FortiAnalyzer versions 7.4.0 through 7.4.2 and older versions 7.2.5, and FortiAnalyzer-BigData version 7.4.0 and older version 7.2.7. The issue consists of multiple relative path traversal vulnerabilities [CWE-23], which allow a privileged attacker to delete files from the underlying filesystem via crafted CLI requests. Successful exploitation of this vulnerability could result in significant data loss or system compromise. Users are strongly advised to update their affected Fortinet devices to the latest patched versions as soon as possible.
Affected Products
- FortiAnalyzer
- FortiManager
Affected Vendors
- Fortinet