CVE-2024-48885 - CERT CVE

  1. CVE-2024-48885

ID CVE-2024-48885
Sažetak A improper limitation of a pathname to a restricted directory ('path traversal') in Fortinet FortiRecorder versions 7.2.0 through 7.2.1, 7.0.0 through 7.0.4, FortiWeb versions 7.6.0, 7.4.0 through 7.4.4, 7.2.0 through 7.2.10, 7.0.0 through 7.0.10, 6.4.0 through 6.4.3, FortiVoice versions 7.0.0 through 7.0.4, 6.4.0 through 6.4.9, 6.0.0 through 6.0.12 allows attacker to escalate privilege via specially crafted packets.
Reference
CVSS
Base: 5.3
Impact: 3.6
Exploitability:1.6
Pristup
VektorSloženostAutentikacija
NETWORK HIGH LOW
Impact
PovjerljivostCjelovitostDostupnost
NONE NONE HIGH
CVSS vektor CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
Zadnje važnije ažuriranje 16-01-2025 - 09:15
Objavljeno 16-01-2025 - 09:15