CVE-2024-33503
published 2025-01-14CVE-2024-33503: A improper privilege management in Fortinet FortiManager version 7.4.0 through 7.4.3, 7.2.0 through 7.2.5, 7.0.0 through 7.0.12, 6.4.0 through 6.4.14…
high7.8CVSS 3.1
AVLACLPRLUINSUCHIHAH
A improper privilege management in Fortinet FortiManager version 7.4.0 through 7.4.3, 7.2.0 through 7.2.5, 7.0.0 through 7.0.12, 6.4.0 through 6.4.14, FortiAnalyzer version 7.4.0 through 7.4.2, 7.2.0 through 7.2.5, 7.0.0 through 7.0.12, 6.4.0 through 6.4.14 allows attacker to escalation of privilege via specific shell commands
Affected
17 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| fortinet | fortianalyzer | — | — |
| fortinet | fortianalyzer | >= 6.4.0 < 7.2.6 | 7.2.6 |
| fortinet | fortianalyzer | >= 7.4.0 < 7.4.4 | 7.4.4 |
| fortinet | fortianalyzer_cloud | >= 6.4.1 < 7.2.7 | 7.2.7 |
| fortinet | fortianalyzer_cloud | >= 7.4.1 < 7.4.3 | 7.4.3 |
| fortinet | fortianalyzercloud | — | — |
| fortinet | fortimanager | — | — |
| fortinet | fortimanager | >= 6.4.0 < 7.2.6 | 7.2.6 |
| fortinet | fortimanager | 6.4.0 – 6.4.15 | — |
| fortinet | fortimanager | 7.0.0 – 7.0.13 | — |
| fortinet | fortimanager | 7.2.0 – 7.2.5 | — |
| fortinet | fortimanager | >= 7.4.0 < 7.4.4 | 7.4.4 |
| fortinet | fortimanager | 7.4.0 – 7.4.3 | — |
| fortinet | fortimanager_cloud | >= 7.0.1 < 7.2.7 | 7.2.7 |
| fortinet | fortimanager_cloud | >= 7.4.1 < 7.4.4 | 7.4.4 |
| fortinet | fortimanagercloud | — | — |
| fortinet | fortinet | — | — |