CVE-2024-35275 | Teknoloji dünyasından en güncel haberleri ve güvenlikle ilgili gelişmeleri takip edin.

A improper neutralization of special elements used in an sql command ('sql injection') in Fortinet FortiAnalyzer version 7.4.0 through 7.4.2, FortiManager versi…
Medium CVSS: 6.6

CVE-2024-35275

A improper neutralization of special elements used in an sql command ('sql injection') in Fortinet FortiAnalyzer version 7.4.0 through 7.4.2, FortiManager version 7.4.0 through 7.4.2 allows attacker to escalation of privilege via specially crafted http requests.
Vendor
Fortinet
Product
Fortianalyzer
CWE
CWE-89
Yayın Tarihi
2025-01-14 14:15:29
Güncelleme
2025-01-31 16:49:57
Source Identifier
psirt@fortinet.com
KEV Date Added
-

Kategoriler

CWE-89 Fortianalyzer MEDIUM Fortinet 2025

Referanslar

https://fortiguard.fortinet.com/psirt/FG-IR-24-091