Vulnerability Details CVE-2024-45330
A use of externally-controlled format string in Fortinet FortiAnalyzer versions 7.4.0 through 7.4.3, 7.2.2 through 7.2.5 allows attacker to escalate its privileges via specially crafted requests.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 40.0%
CVSS Severity
CVSS v3 Score 7.2
Products affected by CVE-2024-45330
-
cpe:2.3:a:fortinet:fortianalyzer:7.2.2
-
cpe:2.3:a:fortinet:fortianalyzer:7.2.3
-
cpe:2.3:a:fortinet:fortianalyzer:7.2.4
-
cpe:2.3:a:fortinet:fortianalyzer:7.2.5
-
cpe:2.3:a:fortinet:fortianalyzer:7.4.0
-
cpe:2.3:a:fortinet:fortianalyzer:7.4.1
-
cpe:2.3:a:fortinet:fortianalyzer:7.4.2
-
cpe:2.3:a:fortinet:fortianalyzer:7.4.3
-
cpe:2.3:a:fortinet:fortianalyzer_cloud:7.2.2
-
cpe:2.3:a:fortinet:fortianalyzer_cloud:7.2.3
-
cpe:2.3:a:fortinet:fortianalyzer_cloud:7.2.4
-
cpe:2.3:a:fortinet:fortianalyzer_cloud:7.2.5
-
cpe:2.3:a:fortinet:fortianalyzer_cloud:7.2.6
-
cpe:2.3:a:fortinet:fortianalyzer_cloud:7.4.1
-
cpe:2.3:a:fortinet:fortianalyzer_cloud:7.4.2
-
cpe:2.3:a:fortinet:fortianalyzer_cloud:7.4.3