CVE-2024-36508

CVSS 3.1 Score 6 of 10 (medium)

Details

Published Feb 11, 2025

CWE ID 22

Summary

CVE-2024-36508 is a Path Traversal vulnerability affecting Fortinet FortiManager versions 7.4.0 through 7.4.2 and before 7.2.5, as well as FortiAnalyzer versions 7.4.0 through 7.4.2 and before 7.2.5. This issue permits authenticated admin users with diagnose privileges to delete files on the system beyond restricted directories, introducing potential security risks due to unintended file deletion.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

FortiAnalyzer
FortiManager

Affected Vendors

Fortinet

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/wKzlIO
https://www.cve.org/CVERecord?id=CVE-2024-36508
https://nvd.nist.gov/vuln/detail/CVE-2024-36508

Back to Vulnerability Database