CVE-2024-47571

Critical

An operation on a resource after expiration or release in Fortinet FortiManager 6.4.12 through 7.4.0 allows an attacker to gain improper…

fortinet·CWE-672·Published 2025-01-14

CVSS

9.8

EPSS

0.01

KEV

Exploits

cve.orgen

179 chars

An operation on a resource after expiration or release in Fortinet FortiManager 6.4.12 through 7.4.0 allows an attacker to gain improper access to FortiGate via valid credentials.

NVDen

179 chars

An operation on a resource after expiration or release in Fortinet FortiManager 6.4.12 through 7.4.0 allows an attacker to gain improper access to FortiGate via valid credentials.

Una operación en un recurso después de su vencimiento o liberación en Fortinet FortiManager 6.4.12 a 7.4.0 permite a un atacante obtener acceso indebido a FortiGate a través de credenciales válidas.

CVSS metrics across sources

Version	Type	Source	Base	Exp	Impact	Vector
3.1	Primary	NVD	9.8	3.9	5.9	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
3.1	Primary	cve.org	7.9	—	—	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:F/RL:X/RC:C
3.1	Primary	cve.org	7.9	—	—	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:F/RL:X/RC:C
3.1	Secondary	NVD	8.1	2.2	5.9	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H