vulnerability
Fortinet FortiAnalyzer: Unspecified Security Vulnerability (CVE-2024-23666)
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 9 | (AV:N/AC:M/Au:S/C:C/I:C/A:C) | Nov 12, 2024 | Jan 24, 2025 | Aug 1, 2025 |
Severity
9
CVSS
(AV:N/AC:M/Au:S/C:C/I:C/A:C)
Published
Nov 12, 2024
Added
Jan 24, 2025
Modified
Aug 1, 2025
Description
A client-side enforcement of server-side security in Fortinet FortiAnalyzer-BigData
at least version 7.4.0 and 7.2.0 through 7.2.6 and 7.0.1 through 7.0.6 and 6.4.5 through 6.4.7 and 6.2.5, FortiManager version 7.4.0 through 7.4.1 and 7.2.0 through 7.2.4 and 7.0.0 through 7.0.11 and 6.4.0 through 6.4.14, FortiAnalyzer version 7.4.0 through 7.4.1 and 7.2.0 through 7.2.4 and 7.0.0 through 7.0.11 and 6.4.0 through 6.4.14 allows attacker to improper access control via crafted requests.
Solutions
fortinet-fortianalyzer-upgrade-6_4_15fortinet-fortianalyzer-upgrade-7_0_13fortinet-fortianalyzer-upgrade-7_2_6fortinet-fortianalyzer-upgrade-7_4_3
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.