A stack-based buffer overflow in Fortinet FortiAnalyzer versions 7.4.0 through 7.4.3, 7.2.0 through 7.2.5, 7.0.0 through 7.0.12, 6.4.0 through 6.4.14, FortiManager versions 7.4.0 through 7.4.3, 7.2.0 through 7.2.5, 7.0.0 through 7.0.12, 6.4.0 through 6.4.14, FortiManager Cloud versions 7.4.1 through 7.4.3, 7.2.1 through 7.2.5, 7.0.1 through 7.0.11, 6.4.1 through 6.4.7, FortiAnalyzer Cloud versions 7.4.1 through 7.4.3, 7.2.1 through 7.2.5, 7.0.1 through 7.0.11, 6.4.1 through 6.4.7 allows attacker to execute unauthorized code or commands via specially crafted packets.
References
| Link | Resource |
|---|---|
| https://fortiguard.fortinet.com/psirt/FG-IR-24-165 | Vendor Advisory |
Configurations
Configuration 1 (hide)
|
History
31 Jan 2025, 17:04
| Type | Values Removed | Values Added |
|---|---|---|
| CPE | cpe:2.3:a:fortinet:fortimanager_cloud:*:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortianalyzer_cloud:*:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortimanager:*:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortianalyzer:*:*:*:*:*:*:*:* |
|
| First Time |
Fortinet fortimanager Cloud
Fortinet fortimanager Fortinet fortianalyzer Fortinet Fortinet fortianalyzer Cloud |
|
| CWE | CWE-787 | |
| References | () https://fortiguard.fortinet.com/psirt/FG-IR-24-165 - Vendor Advisory | |
| CVSS |
v2 : v3 : |
v2 : unknown
v3 : 9.8 |
14 Jan 2025, 14:15
| Type | Values Removed | Values Added |
|---|---|---|
| New CVE |
Information
Published : 2025-01-14 14:15
Updated : 2025-01-31 17:04
NVD link : CVE-2024-35276
Mitre link : CVE-2024-35276
JSON object : View
Products Affected
fortinet
- fortimanager_cloud
- fortianalyzer
- fortianalyzer_cloud
- fortimanager
CWE
CWE-787
Out-of-bounds Write