CVE-2024-21757
CVSS V2 None
CVSS V3 None
Description
A unverified password change in Fortinet FortiManager versions 7.0.0 through 7.0.10, versions 7.2.0 through 7.2.4, and versions 7.4.0 through 7.4.1, as well as Fortinet FortiAnalyzer versions 7.0.0 through 7.0.10, versions 7.2.0 through 7.2.4, and versions 7.4.0 through 7.4.1, allows an attacker to modify admin passwords via the device configuration backup.
Overview
- CVE ID
- CVE-2024-21757
- Assigner
- fortinet
- Vulnerability Status
- PUBLISHED
- Published Version
- 2024-08-13T15:51:57.495Z
- Last Modified Date
- 2024-08-13T17:48:37.502Z
Weakness Enumerations
References
| Reference URL | Reference Tags |
|---|---|
| https://fortiguard.fortinet.com/psirt/FG-IR-23-467 |
Sources
| Source Name | Source URL |
|---|---|
| NIST | https://nvd.nist.gov/vuln/detail/CVE-2024-21757 |
| MITRE | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21757 |
History
| Created | Old Value | New Value | Data Type | Notes |
|---|---|---|---|---|
| 2024-08-14 13:18:30 | Added to TrackCVE |