VYPR
Unrated severityNVD Advisory· Published Feb 11, 2025· Updated Feb 12, 2025

CVE-2024-36508

CVE-2024-36508

Description

An improper limitation of a pathname to a restricted directory ('Path Traversal') vulnerability [CWE-22] in Fortinet FortiManager version 7.4.0 through 7.4.2 and before 7.2.5 and Fortinet FortiAnalyzer version 7.4.0 through 7.4.2 and before 7.2.5 CLI allows an authenticated admin user with diagnose privileges to delete files on the system.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

4
  • cpe:2.3:o:fortinet:fortianalyzer:7.4.2:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:o:fortinet:fortianalyzer:7.4.2:*:*:*:*:*:*:*range: 7.4.0
    • (no CPE)range: >=7.4.0, <=7.4.2 || <7.2.5
  • cpe:2.3:o:fortinet:fortimanager:7.4.2:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:o:fortinet:fortimanager:7.4.2:*:*:*:*:*:*:*range: 7.4.0
    • (no CPE)range: >=7.4.0, <=7.4.2 || <7.2.5

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.