A stack-based buffer overflow in Fortinet FortiPAM version 1.2.0, 1.1.0 through 1.1.2, 1.0.0 through 1.0.3, FortiWeb, FortiAuthenticator, FortiSwitchManager version 7.2.0 through 7.2.3, 7.0.1 through 7.0.3, FortiOS version 7.4.0 through 7.4.3, 7.2.0 through 7.2.7, 7.0.0 through 7.0.14, 6.4.0 through 6.4.15, 6.2.0 through 6.2.16, 6.0.0 through 6.0.18, FortiProxy version 7.4.0 through 7.4.2, 7.2.0 through 7.2.9, 7.0.0 through 7.0.15, 2.0.0 through 2.0.13, 1.2.0 through 1.2.13, 1.1.0 through 1.1.6, 1.0.0 through 1.0.7 allows attacker to execute unauthorized code or commands via specially crafted packets.
Metrics
Affected Vendors & Products
References
Link | Providers |
---|---|
https://fortiguard.fortinet.com/psirt/FG-IR-24-036 |
History
Wed, 11 Dec 2024 20:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Weaknesses | CWE-787 | |
CPEs | cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiswitchmanager:*:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortipam:*:*:*:*:*:*:*:* |
MITRE
Status: PUBLISHED
Assigner: fortinet
Published: 2024-06-11T14:32:03.697Z
Updated: 2024-08-01T23:59:31.322Z
Reserved: 2024-02-14T09:18:43.245Z
Link: CVE-2024-26010
Vulnrichment
Updated: 2024-06-11T16:39:14.293Z
NVD
Status : Analyzed
Published: 2024-06-11T15:16:04.473
Modified: 2024-12-11T19:54:35.323
Link: CVE-2024-26010
Redhat
No data.