A improper limitation of a pathname to a restricted directory ('path traversal') in Fortinet FortiSandbox version 4.4.0 through 4.4.4 and 4.2.0 through 4.2.6 and 4.0.0 through 4.0.5 and 3.2.0 through 3.2.4 and 3.1.0 through 3.1.5 and 3.0.0 through 3.0.7 and 2.5.0 through 2.5.2 and 2.4.0 through 2.4.1 may allows attacker to information disclosure via crafted http requests.
Metrics
Affected Vendors & Products
References
Link | Providers |
---|---|
https://fortiguard.com/psirt/FG-IR-24-060 |
History
No history.
MITRE
Status: PUBLISHED
Assigner: fortinet
Published: 2024-04-09T14:24:21.862Z
Updated: 2024-08-02T01:52:57.095Z
Reserved: 2024-04-04T12:52:41.585Z
Link: CVE-2024-31487
Vulnrichment
Updated: 2024-07-15T17:19:33.196Z
NVD
Status : Analyzed
Published: 2024-04-09T15:15:31.753
Modified: 2024-12-23T15:05:45.840
Link: CVE-2024-31487
Redhat
No data.