VYPR
Medium severity5.4NVD Advisory· Published Apr 14, 2026· Updated Apr 20, 2026

CVE-2024-23104

CVE-2024-23104

Description

An exposure of sensitive information to an unauthorized actor vulnerability in Fortinet FortiNDR 7.6.0, FortiNDR 7.4.0 through 7.4.8, FortiNDR 7.2 all versions, FortiNDR 7.1 all versions, FortiNDR 7.0 all versions, FortiVoice 7.0.0 through 7.0.1 may allow a remote authenticated attacker with at least read-only permission on system maintenance to access backup information via crafted HTTP requests

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

5
  • Fortinet/Fortindr3 versions
    cpe:2.3:a:fortinet:fortindr:*:*:*:*:*:*:*:*+ 2 more
    • cpe:2.3:a:fortinet:fortindr:*:*:*:*:*:*:*:*range: >=7.0.0,<7.4.9
    • cpe:2.3:a:fortinet:fortindr:7.6.0:*:*:*:*:*:*:*
    • (no CPE)range: 7.6.0, 7.4.0 through 7.4.8, 7.2 all versions, 7.1 all versions, 7.0 all versions
  • cpe:2.3:a:fortinet:fortivoice:*:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:a:fortinet:fortivoice:*:*:*:*:*:*:*:*range: >=7.0.0,<7.0.2
    • (no CPE)range: 7.0.0 through 7.0.1

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.