Vulnerability Details CVE-2024-23664
A URL redirection to untrusted site ('open redirect') in Fortinet FortiAuthenticator version 6.6.0, version 6.5.3 and below, version 6.4.9 and below may allow an attacker to to redirect users to an arbitrary website via a crafted URL.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.003
EPSS Ranking 52.2%
CVSS Severity
CVSS v3 Score 6.1
References
Products affected by CVE-2024-23664
-
cpe:2.3:a:fortinet:fortiauthenticator:6.4.0
-
cpe:2.3:a:fortinet:fortiauthenticator:6.4.1
-
cpe:2.3:a:fortinet:fortiauthenticator:6.4.10
-
cpe:2.3:a:fortinet:fortiauthenticator:6.4.2
-
cpe:2.3:a:fortinet:fortiauthenticator:6.4.3
-
cpe:2.3:a:fortinet:fortiauthenticator:6.4.4
-
cpe:2.3:a:fortinet:fortiauthenticator:6.4.5
-
cpe:2.3:a:fortinet:fortiauthenticator:6.4.6
-
cpe:2.3:a:fortinet:fortiauthenticator:6.4.7
-
cpe:2.3:a:fortinet:fortiauthenticator:6.4.8
-
cpe:2.3:a:fortinet:fortiauthenticator:6.4.9
-
cpe:2.3:a:fortinet:fortiauthenticator:6.5.0
-
cpe:2.3:a:fortinet:fortiauthenticator:6.5.1
-
cpe:2.3:a:fortinet:fortiauthenticator:6.5.2
-
cpe:2.3:a:fortinet:fortiauthenticator:6.5.3
-
cpe:2.3:a:fortinet:fortiauthenticator:6.6.0