How severe is CVE-2024-45323?

CVE-2024-45323 has a CVSS v3 score of 4.3 (MEDIUM).

CVE-2024-45323

Name: fortiedrmanager
Author: fortinet

4.3MEDIUM

An improper access control vulnerability [CWE-284] in FortiEDR Manager API 6.2.0 through 6.2.2, 6.0 all versions may allow in a shared environment context an authenticated admin with REST API permissi

게시됨: 9/10/2024업데이트됨: 9/20/2024

설명

An improper access control vulnerability [CWE-284] in FortiEDR Manager API 6.2.0 through 6.2.2, 6.0 all versions may allow in a shared environment context an authenticated admin with REST API permissions in his profile and restricted to a specific organization to access backend logs that include information related to other organizations.

AI 분석AI 기반

영향받는 제품

fortinetfortiedrmanager

6.0.1

참조

https://fortiguard.fortinet.com/psirt/FG-IR-24-371
Vendor Advisory