How severe is CVE-2024-33508?

CVE-2024-33508 has a CVSS v3 score of 7.3 (HIGH).

CVE-2024-33508

Name: forticlient_enterprise_management_server
Author: fortinet

7.3HIGH

An improper neutralization of special elements used in a command ('Command Injection') vulnerability [CWE-77] in Fortinet FortiClientEMS 7.2.0 through 7.2.4, 7.0.0 through 7.0.12 may allow an unauthen

Publicado: 9/10/2024Actualizado: 9/20/2024

Descripción

An improper neutralization of special elements used in a command ('Command Injection') vulnerability [CWE-77] in Fortinet FortiClientEMS 7.2.0 through 7.2.4, 7.0.0 through 7.0.12 may allow an unauthenticated attacker to execute limited and temporary operations on the underlying database via crafted requests.

Análisis IAImpulsado por IA

Productos Afectados

fortinetforticlient_enterprise_management_server

Referencias

https://fortiguard.fortinet.com/psirt/FG-IR-24-123
Vendor Advisory