CVE-2024-46662

Summary

A improper neutralization of special elements used in a command ('command injection') in Fortinet FortiManager versions 7.4.1 through 7.4.3, FortiManager Cloud versions 7.4.1 through 7.4.3 allows attacker to escalation of privilege via specifically crafted packets

Affected Software

VendorProductVersion RangeStatus
FortinetFortiManager7.4.1 <= 7.4.3affected

Weaknesses

  • CWE-77: Escalation of privilege

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References