CVE-2024-32118
CVSS V2 None
CVSS V3 None
Description
Multiple improper neutralization of special elements used in an OS command ('OS Command Injection') vulnerabilities [CWE-78] in Fortinet FortiManager version 7.4.0 through 7.4.2 and before 7.2.5, Fortinet FortiAnalyzer version 7.4.0 through 7.4.2 and before 7.2.5 and Fortinet FortiAnalyzer-BigData before 7.4.0 allows an authenticated privileged attacker to execute unauthorized code or commands via crafted CLI requests.
Overview
- CVE ID
- CVE-2024-32118
- Assigner
- fortinet
- Vulnerability Status
- PUBLISHED
- Published Version
- 2024-11-12T18:53:56.156Z
- Last Modified Date
- 2024-11-12T20:27:32.113Z
Weakness Enumerations
References
| Reference URL | Reference Tags |
|---|---|
| https://fortiguard.fortinet.com/psirt/FG-IR-24-116 |
Sources
| Source Name | Source URL |
|---|---|
| NIST | https://nvd.nist.gov/vuln/detail/CVE-2024-32118 |
| MITRE | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-32118 |
History
| Created | Old Value | New Value | Data Type | Notes |
|---|---|---|---|---|
| 2024-11-13 13:37:05 | Added to TrackCVE |