CVE-2024-47571

Published: Jan 14, 2025Modified: Mar 19, 2025

9.8

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Exploitability: 3.9 / Impact: 5.9

Source: NVD

Description

An operation on a resource after expiration or release in Fortinet FortiManager 6.4.12 through 7.4.0 allows an attacker to gain improper access to FortiGate via valid credentials.

Affected (4)

Products: Fortinet: Fortimanager

Fortinet

1 product

Fortimanager

Configuration A

4 vulnerable

Vulnerable Software	Affected Versions
Fortinet Fortimanager	From 7.0.7 to 7.0.9
Fortinet Fortimanager	Version 6.4.12
Fortinet Fortimanager	Version 7.2.3
Fortinet Fortimanager	Version 7.4.0

Related CWEs

CWE-672

Operation on a Resource after Expiration or Release

The product uses, accesses, or otherwise operates on a resource after that resource has been expired, released, or revoked.

References (1)

https://fortiguard.fortinet.com/psirt/FG-IR-24-239

Source: psirt@fortinet.com

Vendor Advisory

Timeline

No history available yet.