CVE-2024-52969 | Teknoloji dünyasından en güncel haberleri ve güvenlikle ilgili gelişmeleri takip edin.

An Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability [CWE-89] in FortiSIEM ersion 7.1.7 and below, version 7.1.…
Medium CVSS: 4.1

CVE-2024-52969

An Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability [CWE-89] in FortiSIEM ersion 7.1.7 and below, version 7.1.0, version 7.0.3 and below, version 6.7.9 and below, 6.7.8, version 6.6.5 and below, version 6.5.3 and below, version 6.4.4 and below Update/Create Case feature may allow an authenticated attacker to extract database information via crafted requests.
Vendor
Fortinet
Product
Fortisiem
CWE
CWE-89
Yayın Tarihi
2025-01-14 14:15:34
Güncelleme
2025-02-03 22:01:44
Source Identifier
psirt@fortinet.com
KEV Date Added
-

Kategoriler

CWE-89 Fortisiem MEDIUM Fortinet 2025

Referanslar

https://fortiguard.fortinet.com/psirt/FG-IR-24-417