Unrated severityCISA KEVNVD Advisory· Published Oct 23, 2024· Updated Oct 21, 2025
CVE-2024-47575
CVE-2024-47575
Description
A missing authentication for critical function in FortiManager 7.6.0, FortiManager 7.4.0 through 7.4.4, FortiManager 7.2.0 through 7.2.7, FortiManager 7.0.0 through 7.0.12, FortiManager 6.4.0 through 6.4.14, FortiManager 6.2.0 through 6.2.12, Fortinet FortiManager Cloud 7.4.1 through 7.4.4, FortiManager Cloud 7.2.1 through 7.2.7, FortiManager Cloud 7.0.1 through 7.0.12, FortiManager Cloud 6.4.1 through 6.4.7 allows attacker to execute arbitrary code or commands via specially crafted requests.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
3cpe:2.3:o:fortinet:fortimanager:7.6.0:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:o:fortinet:fortimanager:7.6.0:*:*:*:*:*:*:*range: 7.6.0
- (no CPE)range: >=6.2.0 <=6.2.12, >=6.4.0 <=6.4.14, >=7.0.0 <=7.0.12, >=7.2.0 <=7.2.7, >=7.4.0 <=7.4.4, =7.6.0
- Range: >=6.4.1 <=6.4.7, >=7.0.1 <=7.0.12, >=7.2.1 <=7.2.7, >=7.4.1 <=7.4.4
Patches
Vulnerability mechanics
References
1News mentions
1- Risky Business #769 -- Sophos drops implants on Chinese exploit devsRisky Business · Nov 6, 2024