CVE-2024-26009
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
Summary
An authentication bypass using an alternate path or channel [CWE-288] vulnerability in Fortinet FortiOS 6.4.0 through 6.4.15, FortiOS 6.2.0 through 6.2.16, FortiOS 6.0 all versions, FortiPAM 1.2.0, FortiPAM 1.1.0 through 1.1.2, FortiPAM 1.0.0 through 1.0.3, FortiProxy 7.4.0 through 7.4.2, FortiProxy 7.2.0 through 7.2.8, FortiProxy 7.0.0 through 7.0.15, FortiSwitchManager 7.2.0 through 7.2.3, FortiSwitchManager 7.0.0 through 7.0.3 allows an unauthenticated attacker to seize control of a managed device via crafted FGFM requests, if the device is managed by a FortiManager, and if the attacker knows that FortiManager's serial number.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Fortinet | FortiProxy | 7.4.0 <= 7.4.2 | affected |
| Fortinet | FortiProxy | 7.2.0 <= 7.2.8 | affected |
| Fortinet | FortiProxy | 7.0.0 <= 7.0.15 | affected |
| Fortinet | FortiOS | 6.4.0 <= 6.4.15 | affected |
| Fortinet | FortiOS | 6.2.0 <= 6.2.16 | affected |
| Fortinet | FortiOS | 6.0.0 <= 6.0.18 | affected |
| Fortinet | FortiPAM | 1.2.0 | affected |
| Fortinet | FortiPAM | 1.1.0 <= 1.1.2 | affected |
| Fortinet | FortiPAM | 1.0.0 <= 1.0.3 | affected |
| Fortinet | FortiSwitchManager | 7.2.0 <= 7.2.3 | affected |
| Fortinet | FortiSwitchManager | 7.0.0 <= 7.0.3 | affected |
Weaknesses
- CWE-288: Execute unauthorized code or commands
ADP Enrichment
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: no
- Technical Impact: total
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.