CVE-2024-21760
PUBLISHED
CVSS 7.7 HIGH
An improper control of generation of code ('Code Injection') vulnerability [CWE-94] in FortiSOAR Connector FortiSOAR 7.4 all versions, 7.3 all versions, 7.2 all versions, 7.0 all versions, 6.4 all versions may allow an authenticated attacker to execute arbitrary code on the host via a playbook code snippet.
EPSS 0.28% · 51.8th percentile
Risk Scores
CVSS 3.1
7.7
CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:H/E:U/RL:X/RC:X
EPSS Score
0.28%
51.8th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| fortinet | fortisoar | 6.4.0 |
| Fortinet | FortiSOAR | 7.3.0, 7.2.0, 7.4.0 |
Exploit Intelligence
- CIRCL seen: CVE-2024-21760 (circl-sighting)
- https://fortiguard.fortinet.com/psirt/FG-IR-23-420 (circl)
Timeline
- May 15, 2024 CVE Published
- Mar 18, 2025 CVE Updated
- Mar 18, 2025 PoC Published
- Mar 19, 2025 EPSS Score
- Mar 19, 2025 Coalition ESS Score
- Apr 1, 2025 EPSS Score
- Apr 15, 2025 EPSS Score
- Apr 28, 2025 EPSS Score
- May 11, 2025 EPSS Score
- May 25, 2025 EPSS Score
References
- https://www.fortiguard.com/psirt/FG-IR-23-225 advisory
- https://www.fortiguard.com/psirt/FG-IR-24-040 advisory
- https://www.fortiguard.com/psirt/FG-IR-23-282 advisory
- https://www.fortiguard.com/psirt/FG-IR-23-406 advisory
- https://www.fortiguard.com/psirt/FG-IR-23-137 advisory
- https://www.fortiguard.com/psirt/FG-IR-23-222 advisory
- https://www.fortiguard.com/psirt/FG-IR-24-052 advisory
- https://www.fortiguard.com/psirt/FG-IR-23-474 advisory
- https://www.fortiguard.com/psirt/FG-IR-23-195 advisory
- https://www.fortiguard.com/psirt/FG-IR-23-433 advisory
- https://www.fortiguard.com/psirt/FG-IR-24-021 advisory
- https://www.fortiguard.com/psirt/FG-IR-23-420 advisory
- https://www.fortiguard.com/psirt/FG-IR-24-054 advisory
- https://www.fortiguard.com/psirt/FG-IR-23-465 advisory
- https://www.fortiguard.com/psirt/FG-IR-23-415 advisory
- https://www.fortiguard.com/psirt/FG-IR-23-191 advisory
- https://www.fortiguard.com/psirt/FG-IR-24-017 advisory
- https://www.fortiguard.com/psirt/FG-IR-24-120 advisory
- https://fortiguard.fortinet.com/psirt/FG-IR-23-420 url
- https://nvd.nist.gov/vuln/detail/CVE-2024-21760 advisory