CVE-2024-36510
First published: Tue Jan 14 2025(Updated: )
An observable response discrepancy vulnerability [CWE-204] in FortiClientEMS 7.4.0, 7.2.0 through 7.2.4, 7.0 all versions, and FortiSOAR 7.5.0, 7.4.0 through 7.4.4, 7.3.0 through 7.3.2, 7.2 all versions, 7.0 all versions, 6.4 all versions may allow an unauthenticated attacker to enumerate valid users via observing login request responses.
Credit: psirt@fortinet.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Fortinet EMS | =7.4.0>=7.2.0<7.2.4>=7.0 | |
| Fortinet FortiSOAR Imap Connector | =7.5.0>=7.4.0<7.4.4>=7.3.0<7.3.2>=7.2>=7.0>=6.4 | |
| Fortinet EMS | >=7.0.0<7.2.5 | |
| Fortinet EMS | =7.4.0 | |
| Fortinet FortiSOAR Imap Connector | >=6.4.0<7.3.3 | |
| Fortinet FortiSOAR Imap Connector | >=7.4.0<7.4.5 | |
| Fortinet FortiSOAR Imap Connector | =7.5.0 |
Remedy
Please upgrade to FortiClientEMS version 7.4.1 or above Please upgrade to FortiClientEMS version 7.2.5 or above Please upgrade to FortiSOAR version 7.6.0 or above Please upgrade to FortiSOAR version 7.5.1 or above Please upgrade to FortiSOAR version 7.4.5 or above Please upgrade to FortiSOAR version 7.3.3 or above
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2024-36510?
CVE-2024-36510 has been rated as a moderate severity vulnerability due to its potential for user enumeration by unauthenticated attackers.
How do I fix CVE-2024-36510?
To fix CVE-2024-36510, Fortinet recommends upgrading to the latest versions of FortiClientEMS and FortiSOAR that are not affected by this vulnerability.
Which versions of FortiClientEMS are affected by CVE-2024-36510?
FortiClientEMS versions 7.4.0, 7.2.0 through 7.2.4, and all versions of 7.0 are affected by CVE-2024-36510.
Which versions of FortiSOAR are affected by CVE-2024-36510?
FortiSOAR versions 7.5.0, 7.4.0 through 7.4.4, 7.3.0 through 7.3.2, and all versions of 7.2, 7.0, and 6.4 are affected by CVE-2024-36510.
What type of attack does CVE-2024-36510 enable?
CVE-2024-36510 enables an unauthenticated attacker to enumerate valid usernames, posing a risk for further targeted attacks.
- agent/references
- agent/remedy
- agent/first-publish-date
- agent/type
- agent/description
- agent/severity
- agent/author
- collector/mitre-cve
- source/MITRE
- agent/source
- agent/last-modified-date
- agent/weakness
- agent/event
- agent/tags
- agent/softwarecombine
- agent/guess-ai
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- collector/nvd-api
- source/NVD
- vendor/fortinet
- canonical/fortinet ems
- canonical/fortinet fortisoar imap connector
- version/fortinet ems/7.0.0
- version/fortinet ems/7.4.0
- version/fortinet fortisoar imap connector/6.4.0
- version/fortinet fortisoar imap connector/7.4.0
- version/fortinet fortisoar imap connector/7.5.0