CVE-2024-35273

Summary

A out-of-bounds write in Fortinet FortiManager version 7.4.0 through 7.4.2, FortiAnalyzer version 7.4.0 through 7.4.2 allows attacker to escalation of privilege via specially crafted http requests.

Affected Software

VendorProductVersion RangeStatus
FortinetFortiAnalyzer7.4.0 <= 7.4.3affected
FortinetFortiManager7.4.0 <= 7.4.2affected

Weaknesses

  • CWE-787: Escalation of privilege

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References