CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2024-31493

An improper removal of sensitive information before storage or transfer vulnerability [CWE-212] in FortiSOAR version 7.3.0, version 7.2.2 and below, version 7.0.3 and below may allow an authenticated low privileged user to read Connector passwords in plain-text via HTTP responses.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.002

EPSS Ranking 40.4%

CVSS Severity

CVSS v3 Score 6.5

References

Products affected by CVE-2024-31493

Fortinet » Fortisoar » Version: 7.0.0

cpe:2.3:a:fortinet:fortisoar:7.0.0
Fortinet » Fortisoar » Version: 7.0.1

cpe:2.3:a:fortinet:fortisoar:7.0.1
Fortinet » Fortisoar » Version: 7.0.2

cpe:2.3:a:fortinet:fortisoar:7.0.2
Fortinet » Fortisoar » Version: 7.0.3

cpe:2.3:a:fortinet:fortisoar:7.0.3
Fortinet » Fortisoar » Version: 7.2.0

cpe:2.3:a:fortinet:fortisoar:7.2.0
Fortinet » Fortisoar » Version: 7.2.1

cpe:2.3:a:fortinet:fortisoar:7.2.1
Fortinet » Fortisoar » Version: 7.2.2

cpe:2.3:a:fortinet:fortisoar:7.2.2
Fortinet » Fortisoar » Version: 7.3.0

cpe:2.3:a:fortinet:fortisoar:7.3.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2024-31493

Products

Pricing

Contact Us