Vulnerabilities > CVE-2024-46665 - Unspecified vulnerability in Fortinet Fortios

CVSS 3.7 - LOW

Attack vector

NETWORK

Attack complexity

HIGH

Privileges required

NONE

Confidentiality impact

LOW

Integrity impact

NONE

Availability impact

NONE

network

high complexity

fortinet

NVD

Published: 2025-01-14

Updated: 2025-01-31

Summary

An insertion of sensitive information into sent data vulnerability [CWE-201] in FortiOS 7.6.0, 7.4.0 through 7.4.4 may allow an attacker in a man-in-the-middle position to retrieve the RADIUS accounting server shared secret via intercepting accounting-requests.

Vulnerable Configurations

Part	Description	Count
OS	Fortinet Fortinet Fortios 7.6.0 Fortinet Fortios 7.4.0 Fortinet Fortios 7.4.1 Fortinet Fortios 7.4.2 Fortinet Fortios 7.4.3 Fortinet Fortios 7.4.4	6

References

https://fortiguard.fortinet.com/psirt/FG-IR-24-326