How severe is CVE-2024-31496?

CVE-2024-31496 has a CVSS v3 score of 6.7 (MEDIUM).

CVE-2024-31496

Name: fortimanager
Author: fortinet

6.7MEDIUM

A stack-based buffer overflow vulnerability [CWE-121] in Fortinet FortiManager version 7.4.0 through 7.4.2 and before 7.2.5, FortiAnalyzer version 7.4.0 through 7.4.2 and before 7.2.5 and FortiAnalyze

Published: 11/12/2024Updated: 1/21/2025

Description

A stack-based buffer overflow vulnerability [CWE-121] in Fortinet FortiManager version 7.4.0 through 7.4.2 and before 7.2.5, FortiAnalyzer version 7.4.0 through 7.4.2 and before 7.2.5 and FortiAnalyzer-BigData 7.4.0 and before 7.2.7 allows a privileged attacker to execute unauthorized code or commands via crafted CLI requests.

AI AnalysisPowered by AI

Affected Products

fortinetfortianalyzer

fortinetfortianalyzer_big_data

7.4.0

fortinetfortimanager

References

https://fortiguard.fortinet.com/psirt/FG-IR-24-098
Vendor Advisory