How severe is CVE-2024-45323?

CVE-2024-45323 has a CVSS v3 score of 4.3 (MEDIUM).

CVE-2024-45323

Name: fortiedrmanager
Author: fortinet

4.3MEDIUM

An improper access control vulnerability [CWE-284] in FortiEDR Manager API 6.2.0 through 6.2.2, 6.0 all versions may allow in a shared environment context an authenticated admin with REST API permissi

Veröffentlicht: 9/10/2024Aktualisiert: 9/20/2024

Beschreibung

An improper access control vulnerability [CWE-284] in FortiEDR Manager API 6.2.0 through 6.2.2, 6.0 all versions may allow in a shared environment context an authenticated admin with REST API permissions in his profile and restricted to a specific organization to access backend logs that include information related to other organizations.

KI-AnalyseKI-gestützt

Betroffene Produkte

fortinetfortiedrmanager

6.0.1

Referenzen

https://fortiguard.fortinet.com/psirt/FG-IR-24-371
Vendor Advisory