What is the severity of CVE-2024-36511?

CVE-2024-36511 has a medium severity rating due to its potential impact on the security of affected systems.

How do I fix CVE-2024-36511?

To mitigate CVE-2024-36511, upgrade FortiADC to a version later than 7.4.4.

What versions of FortiADC are affected by CVE-2024-36511?

CVE-2024-36511 affects FortiADC versions 6.0 through 7.4.4, as well as all versions of 7.2 and 7.1.

Can CVE-2024-36511 lead to unauthorized access?

Yes, CVE-2024-36511 could potentially allow attackers to bypass security checks, leading to unauthorized access.

Is there a workaround for CVE-2024-36511 until a patch is applied?

Currently, no specific workaround is recommended for CVE-2024-36511, so upgrading to a secure version is essential.

Vulnerability/
CVE-2024-36511

low

3.7

CWE

358

10/9/2024

20/9/2024

CVE-2024-36511

First published: Tue Sep 10 2024(Updated: )

An improperly implemented security check for standard vulnerability [CWE-358] in FortiADC Web Application Firewall (WAF) 7.4.0 through 7.4.4, 7.2 all versions, 7.1 all versions, 7.0 all versions, 6.2 all versions, 6.1 all versions, 6.0 all versions when cookie security policy is enabled may allow an attacker, under specific conditions, to retrieve the initial encrypted and signed cookie protected by the feature

Credit: psirt@fortinet.com

Affected Software	Affected Version	How to fix
Fortinet FortiADC	>=6.0.0<7.4.5

Remedy

Please upgrade to FortiADC version 7.6.0 or above Please upgrade to FortiADC version 7.4.5 or above

Never miss a vulnerability like this again

Reference Links

https://fortiguard.fortinet.com/psirt/FG-IR-22-256

Frequently Asked Questions

What is the severity of CVE-2024-36511?
CVE-2024-36511 has a medium severity rating due to its potential impact on the security of affected systems.
How do I fix CVE-2024-36511?
To mitigate CVE-2024-36511, upgrade FortiADC to a version later than 7.4.4.
What versions of FortiADC are affected by CVE-2024-36511?
CVE-2024-36511 affects FortiADC versions 6.0 through 7.4.4, as well as all versions of 7.2 and 7.1.
Can CVE-2024-36511 lead to unauthorized access?
Yes, CVE-2024-36511 could potentially allow attackers to bypass security checks, leading to unauthorized access.
Is there a workaround for CVE-2024-36511 until a patch is applied?
Currently, no specific workaround is recommended for CVE-2024-36511, so upgrading to a secure version is essential.

agent/remedy
agent/weakness
agent/references
agent/type
agent/description
agent/first-publish-date
agent/severity
agent/author
agent/event
collector/mitre-cve
source/MITRE
collector/nvd-api
source/NVD
agent/software-canonical-lookup
agent/last-modified-date
agent/softwarecombine
agent/tags
agent/source
vendor/fortinet
canonical/fortinet fortiadc
version/fortinet fortiadc/6.0.0

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.