CVE-2024-31487: Arbitrary file read on endpoint
First published: Tue Apr 09 2024(Updated: )
A improper limitation of a pathname to a restricted directory ('path traversal') in Fortinet FortiSandbox version 4.4.0 through 4.4.4 and 4.2.0 through 4.2.6 and 4.0.0 through 4.0.5 and 3.2.0 through 3.2.4 and 3.1.0 through 3.1.5 and 3.0.0 through 3.0.7 and 2.5.0 through 2.5.2 and 2.4.0 through 2.4.1 may allows attacker to information disclosure via crafted http requests.
Credit: psirt@fortinet.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Fortinet FortiSandbox Firmware | >=2.4.0<4.2.7 | |
| Fortinet FortiSandbox Firmware | >=4.4.0<4.4.5 | |
| Fortinet FortiSandbox Firmware | >=4.4.0<=4.4.4 | |
| Fortinet FortiSandbox Firmware | >=4.2.0<=4.2.6 | |
| Fortinet FortiSandbox Firmware | >=4.0 | |
| Fortinet FortiSandbox Firmware | >=3.2 | |
| Fortinet FortiSandbox Firmware | >=3.1 | |
| Fortinet FortiSandbox Firmware | >=3.0 | |
| Fortinet FortiSandbox Firmware | >=2.5 | |
| Fortinet FortiSandbox Firmware | >=2.4 |
Remedy
Please upgrade to FortiSandbox version 4.4.5 or above Please upgrade to FortiSandbox version 4.2.7 or above
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2024-31487?
CVE-2024-31487 is classified with a high severity due to its path traversal vulnerability allowing unauthorized access to restricted directories.
How do I fix CVE-2024-31487?
To mitigate CVE-2024-31487, upgrade Fortinet FortiSandbox to version 4.4.5 or higher, 4.2.7 or higher, or ensure you are using a version not affected by the vulnerability.
What affected versions are there for CVE-2024-31487?
CVE-2024-31487 affects multiple Fortinet FortiSandbox versions including 4.4.0 through 4.4.4 and several earlier major versions as listed in the vulnerability release.
Can CVE-2024-31487 lead to data breaches?
Yes, CVE-2024-31487 could potentially lead to data breaches by allowing attackers to access unauthorized files on the system.
Is there a workaround for CVE-2024-31487?
There is no official workaround for CVE-2024-31487; the recommended action is to upgrade to secure versions immediately.
- agent/remedy
- agent/weakness
- agent/type
- agent/author
- collector/epss-latest
- source/FIRST
- agent/epss
- collector/mitre-cve
- source/MITRE
- collector/fortiguard-psirt-latest
- source/FortiGuard
- alias/CVE-2024-31487
- agent/references
- agent/title
- agent/first-publish-date
- agent/description
- agent/trending
- agent/last-modified-date
- agent/severity
- agent/softwarecombine
- agent/event
- agent/source
- agent/tags
- collector/nvd-api
- source/NVD
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- collector/fortiguard-psirt
- vendor/fortinet
- canonical/fortinet fortisandbox firmware
- version/fortinet fortisandbox firmware/2.4.0
- version/fortinet fortisandbox firmware/4.4.0
- version/fortinet fortisandbox firmware/4.4.4
- version/fortinet fortisandbox firmware/4.2.0
- version/fortinet fortisandbox firmware/4.2.6
- version/fortinet fortisandbox firmware/4.0
- version/fortinet fortisandbox firmware/3.2
- version/fortinet fortisandbox firmware/3.1
- version/fortinet fortisandbox firmware/3.0
- version/fortinet fortisandbox firmware/2.5
- version/fortinet fortisandbox firmware/2.4