Unrated severityNVD Advisory· Published Feb 11, 2025· Updated Feb 12, 2025
CVE-2024-36508
CVE-2024-36508
Description
An improper limitation of a pathname to a restricted directory ('Path Traversal') vulnerability [CWE-22] in Fortinet FortiManager version 7.4.0 through 7.4.2 and before 7.2.5 and Fortinet FortiAnalyzer version 7.4.0 through 7.4.2 and before 7.2.5 CLI allows an authenticated admin user with diagnose privileges to delete files on the system.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
4cpe:2.3:o:fortinet:fortianalyzer:7.4.2:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:o:fortinet:fortianalyzer:7.4.2:*:*:*:*:*:*:*range: 7.4.0
- (no CPE)range: >=7.4.0, <=7.4.2 || <7.2.5
cpe:2.3:o:fortinet:fortimanager:7.4.2:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:o:fortinet:fortimanager:7.4.2:*:*:*:*:*:*:*range: 7.4.0
- (no CPE)range: >=7.4.0, <=7.4.2 || <7.2.5
Patches
Vulnerability mechanics
References
1News mentions
0No linked articles in our index yet.