CVE-2024-33503

Summary

A improper privilege management in Fortinet FortiManager version 7.4.0 through 7.4.3, 7.2.0 through 7.2.5, 7.0.0 through 7.0.12, 6.4.0 through 6.4.14, FortiAnalyzer version 7.4.0 through 7.4.2, 7.2.0 through 7.2.5, 7.0.0 through 7.0.12, 6.4.0 through 6.4.14 allows attacker to escalation of privilege via specific shell commands

Affected Software

VendorProductVersion RangeStatus
FortinetFortiManager7.4.0 <= 7.4.3affected
FortinetFortiManager7.2.0 <= 7.2.5affected
FortinetFortiManager7.0.0 <= 7.0.13affected
FortinetFortiManager6.4.0 <= 6.4.15affected

Weaknesses

  • CWE-266: Escalation of privilege

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References