cbcvebase.
CVE-2024-23104
published 2026-04-14

CVE-2024-23104: An exposure of sensitive information to an unauthorized actor vulnerability in Fortinet FortiNDR 7.6.0, FortiNDR 7.4.0 through 7.4.8, FortiNDR 7.2 all…

medium4.3CVSS 3.1
AVNACLPRLUINSUCLINAN
An exposure of sensitive information to an unauthorized actor vulnerability in Fortinet FortiNDR 7.6.0, FortiNDR 7.4.0 through 7.4.8, FortiNDR 7.2 all versions, FortiNDR 7.1 all versions, FortiNDR 7.0 all versions, FortiVoice 7.0.0 through 7.0.1 may allow a remote authenticated attacker with at least read-only permission on system maintenance to access backup information via crafted HTTP requests

Affected

11 ranges
VendorProductVersion rangeFixed in
fortinetfortindr
fortinetfortindr
fortinetfortindr>= 7.0.0 < 7.4.97.4.9
fortinetfortindr7.0.0 – 7.0.7
fortinetfortindr7.1.0 – 7.1.1
fortinetfortindr7.2.0 – 7.2.5
fortinetfortindr7.4.0 – 7.4.8
fortinetfortinet
fortinetfortivoice
fortinetfortivoice>= 7.0.0 < 7.0.27.0.2
fortinetfortivoice7.0.0 – 7.0.1