OS Command Injection Vulnerability in Fortinet FortiManager and FortiAnalyzer
CVE-2024-32123
6.5MEDIUM
What is CVE-2024-32123?
A vulnerability in Fortinet's FortiManager and FortiAnalyzer products allows attackers to exploit improper neutralization of special elements in OS commands. This flaw enables unauthorized code execution through specially crafted Command Line Interface (CLI) requests across multiple versions, potentially leading to severe system compromise. Organizations using affected versions are advised to implement necessary patches and security measures to mitigate risks.
Affected Version(s)
FortiAnalyzer 7.4.0 <= 7.4.2
FortiAnalyzer 7.2.0 <= 7.2.5
FortiAnalyzer 7.0.0 <= 7.0.13