CVE-2024-45328 | THREATINT

Description

An incorrect authorization vulnerability [CWE-863] in FortiSandbox 4.4.0 through 4.4.6 may allow a low priviledged administrator to execute elevated CLI commands via the GUI console menu.

PUBLISHED Reserved 2024-08-27 | Published 2025-03-11 | Updated 2025-03-12 | Assigner fortinet

HIGH: 7.1CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:X/RC:R

Problem types

Escalation of privilege

Product status

Default status

unaffected

4.4.0 (semver)

affected

References

fortiguard.fortinet.com/psirt/FG-IR-24-261

cve.org (CVE-2024-45328)

nvd.nist.gov (CVE-2024-45328)

Download JSON