Unrated severityNVD Advisory· Published Aug 13, 2024· Updated Aug 13, 2024
CVE-2024-21757
CVE-2024-21757
Description
A unverified password change in Fortinet FortiManager versions 7.0.0 through 7.0.10, versions 7.2.0 through 7.2.4, and versions 7.4.0 through 7.4.1, as well as Fortinet FortiAnalyzer versions 7.0.0 through 7.0.10, versions 7.2.0 through 7.2.4, and versions 7.4.0 through 7.4.1, allows an attacker to modify admin passwords via the device configuration backup.
Affected products
47.0.0-7.0.10, 7.2.0-7.2.4, 7.4.0-7.4.1+ 1 more
- (no CPE)range: 7.0.0-7.0.10, 7.2.0-7.2.4, 7.4.0-7.4.1
- (no CPE)range: 7.4.0
7.0.0-7.0.10, 7.2.0-7.2.4, 7.4.0-7.4.1+ 1 more
- (no CPE)range: 7.0.0-7.0.10, 7.2.0-7.2.4, 7.4.0-7.4.1
- (no CPE)range: 7.4.0
Patches
Vulnerability mechanics
References
1News mentions
0No linked articles in our index yet.