admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-28 01:02:25 +00:00
Code Issues Packages Projects Releases Wiki Activity
nvd-json-data-feeds/CVE-2024/CVE-2024-365xx/CVE-2024-36512.json
cad-safe-bot f86b1a063d Auto-Update: 2025-01-31T17:00:31.389465+00:00
2025-01-31 17:04:00 +00:00

137 lines
4.6 KiB
JSON
Raw Blame History

{
"id": "CVE-2024-36512",
"sourceIdentifier": "psirt@fortinet.com",
"published": "2025-01-14T14:15:30.880",
"lastModified": "2025-01-31T16:32:26.597",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An improper limitation of a pathname to a restricted directory ('path traversal') in Fortinet FortiManager, FortiAnalyzer 7.4.0 through 7.4.3 and 7.2.0 through 7.2.5 and 7.0.2 through 7.0.12 and 6.2.10 through 6.2.13 allows attacker to execute unauthorized code or commands via crafted HTTP or HTTPS requests."
},
{
"lang": "es",
"value": "Una limitaci\u00f3n incorrecta de una ruta de acceso a un directorio restringido ('Path Traversal') en Fortinet FortiManager, FortiAnalyzer 7.4.0 a 7.4.3 y 7.2.0 a 7.2.5 y 7.0.2 a 7.0.12 y 6.2.10 a 6.2.13 permite a un atacante ejecutar c\u00f3digo o comandos no autorizados a trav\u00e9s de solicitudes HTTP o HTTPS manipuladas."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@fortinet.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "psirt@fortinet.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-22"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:fortinet:fortianalyzer:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.2.10",
"versionEndExcluding": "7.0.13",
"matchCriteriaId": "B2B9910D-81A2-4146-9EB3-C7D949FB2C3F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:fortinet:fortianalyzer:*:*:*:*:*:*:*:*",
"versionStartIncluding": "7.2.0",
"versionEndExcluding": "7.2.6",
"matchCriteriaId": "6FCEF6EE-A923-4DCE-A225-C6D1FB0123E8"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:fortinet:fortianalyzer:*:*:*:*:*:*:*:*",
"versionStartIncluding": "7.4.0",
"versionEndExcluding": "7.4.4",
"matchCriteriaId": "E6F162A7-0D01-43E0-99D8-D7B87B080853"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:fortinet:fortimanager:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.2.10",
"versionEndExcluding": "7.0.13",
"matchCriteriaId": "A0B65AA1-2215-4D35-B3BF-F362EE66014B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:fortinet:fortimanager:*:*:*:*:*:*:*:*",
"versionStartIncluding": "7.2.0",
"versionEndExcluding": "7.2.6",
"matchCriteriaId": "605795FE-4D3E-48D4-B2E6-AED4C79B405F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:fortinet:fortimanager:*:*:*:*:*:*:*:*",
"versionStartIncluding": "7.4.0",
"versionEndExcluding": "7.4.4",
"matchCriteriaId": "3AE9CAFD-5D5B-4799-8690-624225963595"
}
]
}
]
}
],
"references": [
{
"url": "https://fortiguard.fortinet.com/psirt/FG-IR-24-152",
"source": "psirt@fortinet.com",
"tags": [
"Vendor Advisory"
]
}
]
}
Reference in New Issue View Git Blame Copy Permalink