CVE-2024-27785

CVSS V2 None CVSS V3 None

Description

An improper neutralization of formula elements in a CSV File vulnerability [CWE-1236] in FortiAIOps version 2.0.0 may allow a remote authenticated attacker to execute arbitrary commands on a client's workstation via poisoned CSV reports.

Overview

CVE ID
CVE-2024-27785

Assigner
fortinet

Vulnerability Status
PUBLISHED

Published Version
2024-07-09T15:33:27.182Z

Last Modified Date
2024-07-09T17:49:43.410Z

Weakness Enumerations

CWE	URL
CWE-1236	http://cwe.mitre.org/data/definitions/1236.html

References

Reference URL	Reference Tags
https://fortiguard.fortinet.com/psirt/FG-IR-24-073

Sources

Source Name	Source URL
NIST	https://nvd.nist.gov/vuln/detail/CVE-2024-27785
MITRE	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-27785

History

Created	Old Value	New Value	Data Type	Notes
2024-07-10 13:19:58				Added to TrackCVE