Security News > 2024 > October > Fortinet Warns of Critical Vulnerability in FortiManager Under Active Exploitation

Fortinet Warns of Critical Vulnerability in FortiManager Under Active Exploitation
2024-10-24 06:23

Fortinet has confirmed details of a critical security flaw impacting FortiManager that has come under active exploitation in the wild. Tracked as CVE-2024-47575 (CVSS score: 9.8), the vulnerability is also known as FortiJump and is rooted in the FortiGate to FortiManager (FGFM) protocol. "A missing authentication for critical function vulnerability [CWE-306] in FortiManager fgfmd daemon may


News URL

https://thehackernews.com/2024/10/fortinet-warns-of-critical.html

Related news

Related Vulnerability

DATE CVE VULNERABILITY TITLE RISK
2024-10-23 CVE-2024-47575 Missing Authentication for Critical Function vulnerability in Fortinet Fortimanager and Fortimanager Cloud
A missing authentication for critical function in FortiManager 7.6.0, FortiManager 7.4.0 through 7.4.4, FortiManager 7.2.0 through 7.2.7, FortiManager 7.0.0 through 7.0.12, FortiManager 6.4.0 through 6.4.14, FortiManager 6.2.0 through 6.2.12, Fortinet FortiManager Cloud 7.4.1 through 7.4.4, FortiManager Cloud 7.2.1 through 7.2.7, FortiManager Cloud 7.0.1 through 7.0.12, FortiManager Cloud 6.4.1 through 6.4.7 allows attacker to execute arbitrary code or commands via specially crafted requests.
network
low complexity
fortinet CWE-306
critical
 9.8
9.8

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Fortinet 80 20 349 308 94 771