How severe is CVE-2024-33508?

CVE-2024-33508 has a CVSS v3 score of 7.3 (HIGH).

CVE-2024-33508

Name: forticlient_enterprise_management_server
Author: fortinet

7.3HIGH

An improper neutralization of special elements used in a command ('Command Injection') vulnerability [CWE-77] in Fortinet FortiClientEMS 7.2.0 through 7.2.4, 7.0.0 through 7.0.12 may allow an unauthen

Published: 9/10/2024Updated: 9/20/2024

Description

An improper neutralization of special elements used in a command ('Command Injection') vulnerability [CWE-77] in Fortinet FortiClientEMS 7.2.0 through 7.2.4, 7.0.0 through 7.0.12 may allow an unauthenticated attacker to execute limited and temporary operations on the underlying database via crafted requests.

AI AnalysisPowered by AI

Affected Products

fortinetforticlient_enterprise_management_server

References

https://fortiguard.fortinet.com/psirt/FG-IR-24-123
Vendor Advisory