First published: Mon Oct 07 2024(Updated: )
A use of externally-controlled format string in Fortinet FortiAnalyzer versions 7.4.0 through 7.4.3, 7.2.2 through 7.2.5 allows attacker to escalate its privileges via specially crafted requests.
Credit: psirt@fortinet.com
Affected Software | Affected Version | How to fix |
---|---|---|
Fortinet FortiAnalyzer | >=7.4.0<=7.4.3 | |
Fortinet FortiAnalyzer | >=7.2.2<=7.2.5 | |
Fortinet FortiAnalyzer Cloud | >=7.4.1<=7.4.3 | |
Fortinet FortiAnalyzer Cloud | >=7.2.2<=7.2.6 | |
Fortinet FortiAnalyzer | >=7.2.2<=7.2.5 | |
Fortinet FortiAnalyzer | >=7.4.0<=7.4.3 | |
Fortinet FortiAnalyzer Cloud | >=7.2.2<=7.2.6 | |
Fortinet FortiAnalyzer Cloud | >=7.4.1<=7.4.3 |
Please upgrade to FortiAnalyzer Cloud version 7.4.4 or above Please upgrade to FortiAnalyzer Cloud version 7.2.7 or above Please upgrade to FortiAnalyzer version 7.6.0 or above Please upgrade to FortiAnalyzer version 7.4.4 or above Please upgrade to FortiAnalyzer version 7.2.6 or above
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.