Code Injection Vulnerability in FortiSOAR by Fortinet
CVE-2024-21760
7.7HIGH
What is CVE-2024-21760?
An improper control of code generation vulnerability exists in FortiSOAR Connector that allows an authenticated attacker to execute arbitrary code via manipulated playbook code snippets. This could potentially compromise the host system where FortiSOAR is deployed, highlighting the importance of applying timely updates and securing configurations to mitigate such risks.
Affected Version(s)
FortiSOAR 7.4.0 <= 7.4.5
FortiSOAR 7.3.0 <= 7.3.3
FortiSOAR 7.2.0 <= 7.2.2