CVE-2024-47569Sensitive Info Insertion into Sent Data in Fortinet Fortimail

CWE-201Sensitive Info Insertion into Sent Data4 documents4 sources
Severity
4.3MEDIUMNVD
EPSS
0.0%
top 99.38%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
12
Fortinet FortimailFortinet FortimanagerFortinet Fortimanager Cloud+9 more
Timeline
PublishedOct 14

Description

A insertion of sensitive information into sent data vulnerability in Fortinet FortiMail 7.4.0 through 7.4.2, FortiMail 7.2.0 through 7.2.6, FortiMail 7.0 all versions, FortiManager 7.6.0 through 7.6.1, FortiManager 7.4.1 through 7.4.3, FortiManager Cloud 7.4.1 through 7.4.3, FortiNDR 7.6.0 through 7.6.1, FortiNDR 7.4.0 through 7.4.8, FortiNDR 7.2 all versions, FortiNDR 7.1 all versions, FortiNDR 7.0 all versions, FortiNDR 1.5 all versions, FortiOS 7.6.0, FortiOS 7.4.0 through 7.4.4, FortiOS 7.2.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:NExploitability: 2.8 | Impact: 1.4

Affected Packages23 packages

NVDfortinet/fortios6.0.06.4.16+4
NVDfortinet/fortiproxy1.0.07.2.11+1
CVEListV5fortinet/fortios7.4.07.4.4+4
CVEListV5fortinet/fortiproxy7.4.07.4.4+2
NVDfortinet/fortindr1.5.07.4.9+1

🔴Vulnerability Details

2
CVEList
CVE-2024-47569: A insertion of sensitive information into sent data vulnerability in Fortinet FortiMail 72025-10-14
GHSA
GHSA-xh2m-hvr8-55pq: A insertion of sensitive information into sent data in Fortinet FortiManager Cloud 72025-10-14

📋Vendor Advisories

1
Fortinet
Insertion of Sensitive Information Into Sent Data Vulnerability in csfd daemon2025-10-14
CVE-2024-47569 — Fortinet Fortimail vulnerability | cvebase