CVE-2024-45331
published 2025-01-16CVE-2024-45331: A incorrect privilege assignment in Fortinet FortiAnalyzer versions 7.4.0 through 7.4.3, 7.2.0 through 7.2.5, 7.0.0 through 7.0.13, 6.4.0 through 6.4.15…
high7.8CVSS 3.1
AVLACLPRLUINSUCHIHAH
A incorrect privilege assignment in Fortinet FortiAnalyzer versions 7.4.0 through 7.4.3, 7.2.0 through 7.2.5, 7.0.0 through 7.0.13, 6.4.0 through 6.4.15, FortiManager versions 7.4.0 through 7.4.2, 7.2.0 through 7.2.5, 7.0.0 through 7.0.13, 6.4.0 through 6.4.15, FortiAnalyzer Cloud versions 7.4.1 through 7.4.2, 7.2.1 through 7.2.6, 7.0.1 through 7.0.13, 6.4.1 through 6.4.7 allows attacker to escalate privilege via specific shell commands
Affected
21 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| fortinet | fortianalyzer | — | — |
| fortinet | fortianalyzer | >= 6.4.0 < 7.2.6 | 7.2.6 |
| fortinet | fortianalyzer | 6.4.0 – 6.4.15 | — |
| fortinet | fortianalyzer | 7.0.0 – 7.0.13 | — |
| fortinet | fortianalyzer | 7.2.0 – 7.2.5 | — |
| fortinet | fortianalyzer | >= 7.4.0 < 7.4.4 | 7.4.4 |
| fortinet | fortianalyzer | 7.4.0 – 7.4.3 | — |
| fortinet | fortianalyzer_cloud | >= 6.4.1 < 7.2.7 | 7.2.7 |
| fortinet | fortianalyzer_cloud | >= 7.4.1 < 7.4.3 | 7.4.3 |
| fortinet | fortianalyzercloud | — | — |
| fortinet | fortimanager | — | — |
| fortinet | fortimanager | >= 6.4.0 < 7.2.6 | 7.2.6 |
| fortinet | fortimanager | 6.4.0 – 6.4.15 | — |
| fortinet | fortimanager | 7.0.0 – 7.0.13 | — |
| fortinet | fortimanager | 7.2.0 – 7.2.5 | — |
| fortinet | fortimanager | >= 7.4.0 < 7.4.4 | 7.4.4 |
| fortinet | fortimanager | 7.4.0 – 7.4.2 | — |
| fortinet | fortimanager_cloud | >= 7.0.1 < 7.2.7 | 7.2.7 |
| fortinet | fortimanager_cloud | >= 7.4.1 < 7.4.4 | 7.4.4 |
| fortinet | fortimanagercloud | — | — |
| fortinet | fortinet | — | — |