How severe is CVE-2024-36510?

CVE-2024-36510 has a CVSS v3 score of 5.3 (MEDIUM).

CVE-2024-36510

Name: fortisoar
Author: fortinet

5.3MEDIUM

An observable response discrepancy vulnerability [CWE-204] in FortiClientEMS 7.4.0, 7.2.0 through 7.2.4, 7.0 all versions, and FortiSOAR 7.5.0, 7.4.0 through 7.4.4, 7.3.0 through 7.3.2, 7.2 all versio

Published: 1/14/2025Updated: 1/31/2025

Description

An observable response discrepancy vulnerability [CWE-204] in FortiClientEMS 7.4.0, 7.2.0 through 7.2.4, 7.0 all versions, and FortiSOAR 7.5.0, 7.4.0 through 7.4.4, 7.3.0 through 7.3.2, 7.2 all versions, 7.0 all versions, 6.4 all versions may allow an unauthenticated attacker to enumerate valid users via observing login request responses.

AI AnalysisPowered by AI

Affected Products

fortinetforticlientems

7.4.0

fortinetfortisoar

7.5.0

References

https://fortiguard.fortinet.com/psirt/FG-IR-24-071
Vendor Advisory