HIGH🇵🇱 Wersja polska

CVE-2024-23105

CVSS 7.5v3.1pub. 2024-05-14upd. 2024-11-21

A Use Of Less Trusted Source [CWE-348] vulnerability in Fortinet FortiPortal version 7.0.0 through 7.0.6 and version 7.2.0 through 7.2.1 allows an unauthenticated attack to bypass IP protection through crafted HTTP or HTTPS packets.

CVSS Vector
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  • Fortinet Fortiportal

    APP
    Fortinet
    7.2.07.2.17.0.0 – 7.0.6
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
CWE
References

Related vulnerabilities

CVE-2021-32588CRITICAL9.8ten sam produkt

A use of hard-coded credentials (CWE-798) vulnerability in FortiPortal versions 5.2.5 and below, 5.3.5 and bel...

CVE-2021-32590CRITICAL9.9ten sam produkt

Multiple improper neutralization of special elements used in an SQL command vulnerabilities in FortiPortal 6.0...

CVE-2017-7342CRITICAL9.8ten sam produkt

A weak password recovery process vulnerability in Fortinet FortiPortal versions 4.0.0 and below allows an atta...

CVE-2017-7337CRITICAL9.1ten sam produkt

An improper Access Control vulnerability in Fortinet FortiPortal versions 4.0.0 and below allows an attacker t...

CVE-2025-24470HIGH8.6ten sam produkt

An Improper Resolution of Path Equivalence vulnerability [CWE-41] in FortiPortal 7.4.0 through 7.4.2, 7.2.0 th...