CVE-2024-32124
published 2025-07-18CVE-2024-32124: An improper access control vulnerability [CWE-284] in FortiIsolator version 2.4.4, version 2.4.3, 2.3 all versions logging component may allow a remote…
medium4.3CVSS 3.1
AVNACLPRLUINSUCNILAN
An improper access control vulnerability [CWE-284] in FortiIsolator version 2.4.4, version 2.4.3, 2.3 all versions logging component may allow a remote authenticated read-only attacker to alter logs via a crafted HTTP request.
Affected
4 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| fortinet | fortiisolator | — | — |
| fortinet | fortiisolator | 2.3.0 – 2.3.4 | — |
| fortinet | fortiisolator | >= 2.4.3 < 2.4.5 | 2.4.5 |
| fortinet | fortiisolator | 2.4.3 – 2.4.4 | — |