CVE-2024-45329

MEDIUM

4.3CVSS v3

—CVSS v2

0.17% EPSS (exploit probability)

CWE-639CWE

Description

A authorization bypass through user-controlled key in Fortinet FortiPortal versions 7.4.0, versions 7.2.0 through 7.2.5, and versions 7.0.0 through 7.0.8 may allow an authenticated attacker to view unauthorized device information via key modification in API requests.

CVSS v3 vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

Affected routers (0)

No routers currently mapped to this CVE in our database.

External references

NIST NVD
MITRE CVE