CVE-2024-50563
published 2025-01-16CVE-2024-50563: A weak authentication in Fortinet FortiManager Cloud, FortiAnalyzer versions 7.6.0 through 7.6.1, 7.4.1 through 7.4.3, FortiAnalyzer Cloud versions 7.4.1…
critical9.8CVSS 3.1
AVNACLPRNUINSUCHIHAH
A weak authentication in Fortinet FortiManager Cloud, FortiAnalyzer versions 7.6.0 through 7.6.1, 7.4.1 through 7.4.3, FortiAnalyzer Cloud versions 7.4.1 through 7.4.3, FortiManager versions 7.6.0 through 7.6.1, 7.4.1 through 7.4.3, FortiManager Cloud versions 7.4.1 through 7.4.3 allows attacker to execute unauthorized code or commands via a brute-force attack.
Affected
17 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| fortinet | fortianalyzer | — | — |
| fortinet | fortianalyzer | >= 7.4.1 < 7.4.4 | 7.4.4 |
| fortinet | fortianalyzer | 7.4.1 – 7.4.3 | — |
| fortinet | fortianalyzer | >= 7.6.0 < 7.6.2 | 7.6.2 |
| fortinet | fortianalyzer | 7.6.0 – 7.6.1 | — |
| fortinet | fortianalyzer_cloud | >= 7.4.1 < 7.4.4 | 7.4.4 |
| fortinet | fortianalyzercloud | — | — |
| fortinet | fortimanager | — | — |
| fortinet | fortimanager | >= 7.4.1 < 7.4.4 | 7.4.4 |
| fortinet | fortimanager | 7.4.1 – 7.4.3 | — |
| fortinet | fortimanager | >= 7.6.0 < 7.6.2 | 7.6.2 |
| fortinet | fortimanager | 7.6.0 – 7.6.1 | — |
| fortinet | fortimanager_cloud | >= 7.4.1 < 7.4.4 | 7.4.4 |
| fortinet | fortimanagercloud | — | — |
| fortinet | fortinet | — | — |
| fortinet | fortios | — | — |
| fortinet | fortiproxy | — | — |