CVE-2024-48887

Critical

A unverified password change vulnerability in Fortinet FortiSwitch GUI may allow a remote unauthenticated attacker to change admin…

fortinet·CWE-620·Published 2025-04-08

CVSS

9.3

EPSS

0.11

KEV

Exploits

cve.orgen

173 chars

A unverified password change vulnerability in Fortinet FortiSwitch GUI may allow a remote unauthenticated attacker to change admin passwords via a specially crafted request

NVDen

173 chars

A unverified password change vulnerability in Fortinet FortiSwitch GUI may allow a remote unauthenticated attacker to change admin passwords via a specially crafted request

Una vulnerabilidad de cambio de contraseña no verificada en la GUI de Fortinet FortiSwitch puede permitir que un atacante remoto no autenticado cambie las contraseñas de administrador a través de una solicitud especialmente manipulada.

CVSS metrics across sources

Version	Type	Source	Base	Exp	Impact	Vector
3.1	Primary	cve.org	9.3	—	—	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:X/RC:C
3.1	Primary	cve.org	9.3	—	—	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:X/RC:C
3.1	Secondary	NVD	9.8	3.9	5.9	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H