CVE-2024-32122

CVSS 2.1 LOWEPSS 0.2%CWE-257

A storing passwords in a recoverable format in Fortinet FortiOS 7.4.0 through 7.4.8, FortiOS 7.2 all versions, FortiOS 7.0 all versions, FortiOS 6.4 all versions allows attacker to information disclosure via modification of LDAP server IP to point to a malicious server.

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N/E:P/RL:W/RC:C

Productos afectados

Fortinet · FortiOS

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →

Referencias

https://cert-portal.siemens.com/productcert/html/ssa-864900.html https://fortiguard.fortinet.com/psirt/FG-IR-24-111