CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2024-40590

An improper certificate validation vulnerability [CWE-295] in FortiPortal version 7.4.0, version 7.2.4 and below, version 7.0.8 and below, version 6.0.15 and below when connecting to a FortiManager device, a FortiAnalyzer device, or an SMTP server may allow an unauthenticated attacker in a Man-in-the-Middle position to intercept on and tamper with the encrypted communication channel established between the FortiPortal and those endpoints.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.0

EPSS Ranking 2.7%

CVSS Severity

CVSS v3 Score 4.8

References

https://fortiguard.fortinet.com/psirt/FG-IR-22-155

Products affected by CVE-2024-40590

Fortinet » Fortiportal » Version: 6.0.0

cpe:2.3:a:fortinet:fortiportal:6.0.0
Fortinet » Fortiportal » Version: 6.0.1

cpe:2.3:a:fortinet:fortiportal:6.0.1
Fortinet » Fortiportal » Version: 6.0.10

cpe:2.3:a:fortinet:fortiportal:6.0.10
Fortinet » Fortiportal » Version: 6.0.11

cpe:2.3:a:fortinet:fortiportal:6.0.11
Fortinet » Fortiportal » Version: 6.0.12

cpe:2.3:a:fortinet:fortiportal:6.0.12
Fortinet » Fortiportal » Version: 6.0.13

cpe:2.3:a:fortinet:fortiportal:6.0.13
Fortinet » Fortiportal » Version: 6.0.14

cpe:2.3:a:fortinet:fortiportal:6.0.14
Fortinet » Fortiportal » Version: 6.0.15

cpe:2.3:a:fortinet:fortiportal:6.0.15
Fortinet » Fortiportal » Version: 6.0.2

cpe:2.3:a:fortinet:fortiportal:6.0.2
Fortinet » Fortiportal » Version: 6.0.3

cpe:2.3:a:fortinet:fortiportal:6.0.3
Fortinet » Fortiportal » Version: 6.0.4

cpe:2.3:a:fortinet:fortiportal:6.0.4
Fortinet » Fortiportal » Version: 6.0.5

cpe:2.3:a:fortinet:fortiportal:6.0.5
Fortinet » Fortiportal » Version: 6.0.6

cpe:2.3:a:fortinet:fortiportal:6.0.6
Fortinet » Fortiportal » Version: 6.0.7

cpe:2.3:a:fortinet:fortiportal:6.0.7
Fortinet » Fortiportal » Version: 6.0.8

cpe:2.3:a:fortinet:fortiportal:6.0.8
Fortinet » Fortiportal » Version: 6.0.9

cpe:2.3:a:fortinet:fortiportal:6.0.9
Fortinet » Fortiportal » Version: 7.0.0

cpe:2.3:a:fortinet:fortiportal:7.0.0
Fortinet » Fortiportal » Version: 7.0.1

cpe:2.3:a:fortinet:fortiportal:7.0.1
Fortinet » Fortiportal » Version: 7.0.2

cpe:2.3:a:fortinet:fortiportal:7.0.2
Fortinet » Fortiportal » Version: 7.0.3

cpe:2.3:a:fortinet:fortiportal:7.0.3
Fortinet » Fortiportal » Version: 7.0.4

cpe:2.3:a:fortinet:fortiportal:7.0.4
Fortinet » Fortiportal » Version: 7.0.5

cpe:2.3:a:fortinet:fortiportal:7.0.5
Fortinet » Fortiportal » Version: 7.0.6

cpe:2.3:a:fortinet:fortiportal:7.0.6
Fortinet » Fortiportal » Version: 7.0.7

cpe:2.3:a:fortinet:fortiportal:7.0.7
Fortinet » Fortiportal » Version: 7.0.8

cpe:2.3:a:fortinet:fortiportal:7.0.8
Fortinet » Fortiportal » Version: 7.2.0

cpe:2.3:a:fortinet:fortiportal:7.2.0
Fortinet » Fortiportal » Version: 7.2.1

cpe:2.3:a:fortinet:fortiportal:7.2.1
Fortinet » Fortiportal » Version: 7.2.2

cpe:2.3:a:fortinet:fortiportal:7.2.2
Fortinet » Fortiportal » Version: 7.2.4

cpe:2.3:a:fortinet:fortiportal:7.2.4
Fortinet » Fortiportal » Version: 7.4.0

cpe:2.3:a:fortinet:fortiportal:7.4.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2024-40590

Products

Pricing

Contact Us