CVE-2024-45323 in FortiEDR Managerinformation

Résumé

par MITRE • 10/09/2024

An improper access control vulnerability [CWE-284] in FortiEDR Manager API 6.2.0 through 6.2.2, 6.0 all versions may allow in a shared environment context an authenticated admin with REST API permissions in his profile and restricted to a specific organization to access backend logs that include information related to other organizations.

If you want to get the best quality for vulnerability data then you always have to consider VulDB.

Responsable

Fortinet

Réserver

27/08/2024

Divulgation

10/09/2024

Modérer

accepté

Entrée

VDB-276980

CPE

prêt

EPSS

0.00363

KEV

non

Activités

très faible

Sources

Might our Artificial Intelligence support you?

Check our Alexa App!