Vulnerability Details CVE-2024-31490
An exposure of sensitive information to an unauthorized actor in Fortinet FortiSandbox version 4.4.0 through 4.4.4 and 4.2.0 through 4.2.6 and 4.0.0 through 4.0.5 and 3.2.2 through 3.2.4 and 3.1.5 allows attacker to information disclosure via HTTP get requests.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 26.2%
CVSS Severity
CVSS v3 Score 4.3
References
Products affected by CVE-2024-31490
-
cpe:2.3:a:fortinet:fortisandbox:3.1.5
-
cpe:2.3:a:fortinet:fortisandbox:3.2.2
-
cpe:2.3:a:fortinet:fortisandbox:3.2.3
-
cpe:2.3:a:fortinet:fortisandbox:3.2.4
-
cpe:2.3:a:fortinet:fortisandbox:4.0.0
-
cpe:2.3:a:fortinet:fortisandbox:4.0.1
-
cpe:2.3:a:fortinet:fortisandbox:4.0.2
-
cpe:2.3:a:fortinet:fortisandbox:4.0.3
-
cpe:2.3:a:fortinet:fortisandbox:4.0.4
-
cpe:2.3:a:fortinet:fortisandbox:4.0.5
-
cpe:2.3:a:fortinet:fortisandbox:4.0.6
-
cpe:2.3:a:fortinet:fortisandbox:4.1.0
-
cpe:2.3:a:fortinet:fortisandbox:4.2.0
-
cpe:2.3:a:fortinet:fortisandbox:4.2.3
-
cpe:2.3:a:fortinet:fortisandbox:4.2.4
-
cpe:2.3:a:fortinet:fortisandbox:4.2.5
-
cpe:2.3:a:fortinet:fortisandbox:4.2.6
-
cpe:2.3:a:fortinet:fortisandbox:4.4.0
-
cpe:2.3:a:fortinet:fortisandbox:4.4.1
-
cpe:2.3:a:fortinet:fortisandbox:4.4.2
-
cpe:2.3:a:fortinet:fortisandbox:4.4.3
-
cpe:2.3:a:fortinet:fortisandbox:4.4.4