A use of externally-controlled format string in Fortinet FortiOS versions 7.4.0 through 7.4.2, 7.2.0 through 7.2.6, 7.0.0 through 7.0.13, FortiProxy versions 7.4.0 through 7.4.2, 7.2.0 through 7.2.8, 7.0.0 through 7.0.14, FortiPAM versions 1.2.0, 1.1.0 through 1.1.2, 1.0.0 through 1.0.3, FortiSwitchManager versions 7.2.0 through 7.2.3, 7.0.0 through 7.0.3 allows attacker to execute unauthorized code or commands via specially crafted packets.
References
History

Wed, 09 Oct 2024 17:15:00 +0000

Type Values Removed Values Added
Metrics kev

{'dateAdded': '2024-10-09'}


Wed, 09 Oct 2024 13:15:00 +0000

Type Values Removed Values Added
CPEs cpe:2.3:a:fortinet:fortios:*:*:*:*:*:*:*:*
Metrics ssvc

{'options': {'Automatable': 'yes', 'Exploitation': 'active', 'Technical Impact': 'total'}, 'version': '2.0.3'}


cve-icon MITRE

Status: PUBLISHED

Assigner: fortinet

Published: 2024-02-15T13:59:25.313Z

Updated: 2024-10-10T14:01:05.045Z

Reserved: 2024-01-11T16:29:07.980Z

Link: CVE-2024-23113

cve-icon Vulnrichment

Updated: 2024-08-01T22:51:11.285Z

cve-icon NVD

Status : Analyzed

Published: 2024-02-15T14:15:46.503

Modified: 2024-11-29T15:09:12.633

Link: CVE-2024-23113

cve-icon Redhat

No data.