VDB
CVE-2024-32116
CVE-2024-32116
PUBLISHED
Es besteht eine Schwachstelle in Fortinet FortiAnalyzer und Fortinet FortiManager. Die Schwachstelle resultiert aus mehreren relativen Pfadtraversalproblemen. Ein lokaler Angreifer mit erweiterten Rechten kann diese Schwachstelle ausnutzen, um Dateien aus dem unterliegenden Dateisystem durch speziell gestaltete CLI-Anfragen zu löschen.
EPSS 0.14% · 34.5th percentile
Risk Scores
EPSS Score
0.14%
34.5th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Fortinet | Fortinet FortiAnalyzer <7.4.3 | |
| Fortinet | Fortinet FortiAnalyzer <6.4.15 | |
| Fortinet | Fortinet FortiAnalyzer BigData <7.2.8 | |
| Fortinet | Fortinet FortiManager <7.4.3 | |
| Fortinet | Fortinet FortiAnalyzer BigData <7.4.1 | |
| Fortinet | Fortinet FortiAnalyzer BigData <7.2.7 | |
| Fortinet | Fortinet FortiManager <7.0.13 | |
| Fortinet | Fortinet FortiManager <7.2.6 | |
| Fortinet | Fortinet FortiAnalyzer BigData <7.2.6 | |
| Fortinet | Fortinet FortiAnalyzer <7.2.6 | |
| Fortinet | Fortinet FortiManager <6.4.15 | |
| Fortinet | Fortinet FortiAnalyzer <7.0.13 |
Exploit Intelligence
- CIRCL seen: CVE-2024-32116 (circl-sighting)
- CIRCL seen: CVE-2024-32116 (circl-sighting)
- https://fortiguard.fortinet.com/psirt/FG-IR-24-099 (circl)
Timeline
- Nov 12, 2024 CVE Published
- Nov 12, 2024 PoC Published
- Nov 13, 2024 EPSS Score
- Nov 13, 2024 Coalition ESS Score
- Nov 13, 2024 Coalition ESS Score
- Nov 13, 2024 PoC Published
- Dec 2, 2024 EPSS Score
- Dec 19, 2024 EPSS Score
- Jan 6, 2025 EPSS Score
- Jan 24, 2025 EPSS Score
- Feb 10, 2025 EPSS Score
- Feb 18, 2025 Coalition ESS Score
References
- https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-3447.json advisory
- https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-3447 advisory
- https://www.fortiguard.com/psirt/FG-IR-23-267 advisory
- https://www.fortiguard.com/psirt/FG-IR-23-396 advisory
- https://www.fortiguard.com/psirt/FG-IR-24-098 advisory
- https://www.fortiguard.com/psirt/FG-IR-24-099 advisory
- https://www.fortiguard.com/psirt/FG-IR-24-115 advisory
- https://www.fortiguard.com/psirt/FG-IR-24-116 advisory
- https://www.fortiguard.com/psirt/FG-IR-24-125 advisory
- https://www.fortiguard.com/psirt/FG-IR-24-179 advisory