How severe is CVE-2024-33508?

CVE-2024-33508 has a CVSS v3 score of 7.3 (HIGH).

CVE-2024-33508

Name: forticlient_enterprise_management_server
Author: fortinet

7.3HIGH

An improper neutralization of special elements used in a command ('Command Injection') vulnerability [CWE-77] in Fortinet FortiClientEMS 7.2.0 through 7.2.4, 7.0.0 through 7.0.12 may allow an unauthen

Publicado: 9/10/2024Atualizado: 9/20/2024

Descrição

An improper neutralization of special elements used in a command ('Command Injection') vulnerability [CWE-77] in Fortinet FortiClientEMS 7.2.0 through 7.2.4, 7.0.0 through 7.0.12 may allow an unauthenticated attacker to execute limited and temporary operations on the underlying database via crafted requests.

Análise IADesenvolvido por IA

Produtos Afetados

fortinetforticlient_enterprise_management_server

Referências

https://fortiguard.fortinet.com/psirt/FG-IR-24-123
Vendor Advisory