CVE-2024-45329

{"cve": {"data_type": "CVE", "references": {"reference_data": [{"url": "https://fortiguard.fortinet.com/psirt/FG-IR-24-274", "name": "https://fortiguard.fortinet.com/psirt/FG-IR-24-274", "tags": ["Vendor Advisory"], "refsource": ""}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "en", "value": "A authorization bypass through user-controlled key in Fortinet FortiPortal versions 7.4.0, versions 7.2.0 through 7.2.5, and versions 7.0.0 through 7.0.8 may allow an authenticated attacker to view unauthorized device information via key modification in API requests."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "en", "value": "CWE-639"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2024-45329", "ASSIGNER": "psirt@fortinet.com"}}, "impact": {}, "publishedDate": "2025-06-10T17:19Z", "configurations": {"nodes": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:a:fortinet:fortiportal:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndExcluding": "7.0.9", "versionStartIncluding": "7.0.0"}, {"cpe23Uri": "cpe:2.3:a:fortinet:fortiportal:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndExcluding": "7.2.6", "versionStartIncluding": "7.2.0"}, {"cpe23Uri": "cpe:2.3:a:fortinet:fortiportal:7.4.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}]}], "CVE_data_version": "4.0"}, "lastModifiedDate": "2025-07-22T21:24Z"}