CVE-2024-40593 - CERT CVE

  1. CVE-2024-40593

ID CVE-2024-40593
Sažetak A key management errors vulnerability in Fortinet FortiAnalyzer 7.4.0 through 7.4.2, FortiAnalyzer 7.2.0 through 7.2.5, FortiAnalyzer 7.0 all versions, FortiAnalyzer 6.4 all versions, FortiManager 7.4.0 through 7.4.2, FortiManager 7.2.0 through 7.2.5, FortiManager 7.0 all versions, FortiManager 6.4 all versions, FortiOS 7.6.0, FortiOS 7.4.4, FortiOS 7.2.7, FortiOS 7.0.14, FortiPortal 6.0 all versions may allow an authenticated admin to retrieve a certificate's private key via the device's admin shell.
Reference
CVSS
Base: 6.0
Impact: 4.0
Exploitability:1.5
Pristup
VektorSloženostAutentikacija
LOCAL LOW HIGH
Impact
PovjerljivostCjelovitostDostupnost
HIGH NONE NONE
CVSS vektor CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N
Zadnje važnije ažuriranje 12-12-2025 - 18:28
Objavljeno 11-12-2025 - 15:15