216.73.217.17

CVE-2024-54020

· Published 28/05/2025 08:15 · Modified 28/05/2025 15:01

Labels: CVE-2024-54020 2025-05-28CVE-2024-54020CWE-862[email protected]

Essential information

Published
28/05/2025 08:15
Modified
28/05/2025 15:01
Author
Creator
CVSS
2.3 LOW (v3.1)
CISA KEV
No
CWE
CVSS vector
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N

CVSS metrics

Description

A missing authorization in Fortinet FortiManager versions 7.2.0 through 7.2.1, and versions 7.0.0 through 7.0.7 may allow an authenticated attacker to overwrite global threat feeds via crafted update requests.

NVD status

Status
Awaiting Analysis — CVE has been recently published to the CVE List and has been received by the NVD.
Source
[email protected]
NVD
View on NVD

Affected products (CPE)

ProductCPE
fortinet / fortimanager cpe:2.3:a:fortinet:fortimanager:7.0.0-7.0.7:*:*:*:*:*:*:*
fortinet / fortimanager cpe:2.3:a:fortinet:fortimanager:7.2.0-7.2.1:*:*:*:*:*:*:*

References