CVE-2024-32116

CVSS 3.1 Score 5.1 of 10 (medium)

Details

Published Nov 12, 2024
Updated: Nov 13, 2024
CWE ID 23

Summary

CVE-2024-32116 is a vulnerability rated medium (CVSS 3.1 score 5.1) affecting Fortinet FortiManager versions 7.4.0 through 7.4.2 and older versions 7.2.5, FortiAnalyzer versions 7.4.0 through 7.4.2 and older versions 7.2.5, and FortiAnalyzer-BigData version 7.4.0 and older version 7.2.7. The issue consists of multiple relative path traversal vulnerabilities [CWE-23], which allow a privileged attacker to delete files from the underlying filesystem via crafted CLI requests. Successful exploitation of this vulnerability could result in significant data loss or system compromise. Users are strongly advised to update their affected Fortinet devices to the latest patched versions as soon as possible.


Affected Products

  • FortiAnalyzer
  • FortiManager

Affected Vendors

  • Fortinet