CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2024-54020

A missing authorization in Fortinet FortiManager versions 7.2.0 through 7.2.1, and versions 7.0.0 through 7.0.7 may allow an authenticated attacker to overwrite global threat feeds via crafted update requests.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.0

EPSS Ranking 5.4%

CVSS Severity

CVSS v3 Score 2.3

References

https://fortiguard.fortinet.com/psirt/FG-IR-24-023

Products affected by CVE-2024-54020

Fortinet » Fortimanager » Version: 7.0.0

cpe:2.3:a:fortinet:fortimanager:7.0.0
Fortinet » Fortimanager » Version: 7.0.1

cpe:2.3:a:fortinet:fortimanager:7.0.1
Fortinet » Fortimanager » Version: 7.0.2

cpe:2.3:a:fortinet:fortimanager:7.0.2
Fortinet » Fortimanager » Version: 7.0.3

cpe:2.3:a:fortinet:fortimanager:7.0.3
Fortinet » Fortimanager » Version: 7.0.4

cpe:2.3:a:fortinet:fortimanager:7.0.4
Fortinet » Fortimanager » Version: 7.0.5

cpe:2.3:a:fortinet:fortimanager:7.0.5
Fortinet » Fortimanager » Version: 7.0.6

cpe:2.3:a:fortinet:fortimanager:7.0.6
Fortinet » Fortimanager » Version: 7.0.7

cpe:2.3:a:fortinet:fortimanager:7.0.7
Fortinet » Fortimanager » Version: 7.2.0

cpe:2.3:a:fortinet:fortimanager:7.2.0
Fortinet » Fortimanager » Version: 7.2.1

cpe:2.3:a:fortinet:fortimanager:7.2.1

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2024-54020

Products

Pricing

Contact Us