CVE-2024-33501 | Teknoloji dünyasından en güncel haberleri ve güvenlikle ilgili gelişmeleri takip edin.

Two improper neutralization of special elements used in an SQL Command ('SQL Injection') vulnerability [CWE-89] in Fortinet FortiAnalyzer version 7.4.0 through…
Medium CVSS: 4.2

CVE-2024-33501

Two improper neutralization of special elements used in an SQL Command ('SQL Injection') vulnerability [CWE-89] in Fortinet FortiAnalyzer version 7.4.0 through 7.4.2 and before 7.2.5, FortiManager version 7.4.0 through 7.4.2 and before 7.2.5 and FortiAnalyzer-BigData version 7.4.0 and before 7.2.7 allows a privileged attacker to execute unauthorized code or commands via specifically crafted CLI requests.
Vendor
Fortinet
Product
Fortianalyzer
CWE
CWE-89
Yayın Tarihi
2025-03-11 15:15:41
Güncelleme
2025-07-24 19:05:16
Source Identifier
psirt@fortinet.com
KEV Date Added
-

Kategoriler

CWE-89 Fortianalyzer MEDIUM Fortinet 2025

Referanslar

https://fortiguard.fortinet.com/psirt/FG-IR-24-130