Vulnerability Details CVE-2024-45330
A use of externally-controlled format string in Fortinet FortiAnalyzer versions 7.4.0 through 7.4.3, 7.2.2 through 7.2.5 allows attacker to escalate its privileges via specially crafted requests.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.003
EPSS Ranking 50.5%
CVSS Severity
CVSS v3 Score 7.2
Products affected by CVE-2024-45330
-
cpe:2.3:a:fortinet:fortianalyzer:7.2.2
-
cpe:2.3:a:fortinet:fortianalyzer:7.2.3
-
cpe:2.3:a:fortinet:fortianalyzer:7.2.4
-
cpe:2.3:a:fortinet:fortianalyzer:7.2.5
-
cpe:2.3:a:fortinet:fortianalyzer:7.4.0
-
cpe:2.3:a:fortinet:fortianalyzer:7.4.1
-
cpe:2.3:a:fortinet:fortianalyzer:7.4.2
-
cpe:2.3:a:fortinet:fortianalyzer:7.4.3
-
cpe:2.3:a:fortinet:fortianalyzer_cloud:7.2.2
-
cpe:2.3:a:fortinet:fortianalyzer_cloud:7.2.3
-
cpe:2.3:a:fortinet:fortianalyzer_cloud:7.2.4
-
cpe:2.3:a:fortinet:fortianalyzer_cloud:7.2.5
-
cpe:2.3:a:fortinet:fortianalyzer_cloud:7.2.6
-
cpe:2.3:a:fortinet:fortianalyzer_cloud:7.4.1
-
cpe:2.3:a:fortinet:fortianalyzer_cloud:7.4.2
-
cpe:2.3:a:fortinet:fortianalyzer_cloud:7.4.3