CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2024-46662

A improper neutralization of special elements used in a command ('command injection') in Fortinet FortiManager versions 7.4.1 through 7.4.3, FortiManager Cloud versions 7.4.1 through 7.4.3 allows attacker to escalation of privilege via specifically crafted packets

Exploit prediction scoring system (EPSS) score

EPSS Score 0.003

EPSS Ranking 56.7%

CVSS Severity

CVSS v3 Score 8.8

References

https://fortiguard.fortinet.com/psirt/FG-IR-24-222

Products affected by CVE-2024-46662

Fortinet » Fortimanager » Version: 7.4.1

cpe:2.3:a:fortinet:fortimanager:7.4.1
Fortinet » Fortimanager » Version: 7.4.2

cpe:2.3:a:fortinet:fortimanager:7.4.2
Fortinet » Fortimanager » Version: 7.4.3

cpe:2.3:a:fortinet:fortimanager:7.4.3
Fortinet » Fortimanager Cloud » Version: 7.4.1

cpe:2.3:a:fortinet:fortimanager_cloud:7.4.1
Fortinet » Fortimanager Cloud » Version: 7.4.2

cpe:2.3:a:fortinet:fortimanager_cloud:7.4.2
Fortinet » Fortimanager Cloud » Version: 7.4.3

cpe:2.3:a:fortinet:fortimanager_cloud:7.4.3

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2024-46662

Products

Pricing

Contact Us