CVE-2024-23662

🗓️ 09 Apr 2024 14:24:18Reported by fortinetType

cve🔗 web.nvd.nist.gov📰️ 2 Media mentions👁 59 Views

An unauthorized access to sensitive information in Fortinet FortiOS versions 6.4.0 - 7.4.

Reporter	Title	Published	Views	Family All 13
BDU FSTEC	The vulnerability of FortiOS operating systems, related to the lack of protection for service data, allows attackers to disclose the protected information.	17 May 202400:00	–	bdu_fstec
Circl	CVE-2024-23662	11 Apr 202405:35	–	circl
CNNVD	Fortinet FortiOS 信息泄露漏洞	9 Apr 202400:00	–	cnnvd
CNVD	Fortinet FortiOS Information Disclosure Vulnerability (CNVD-2024-20292)	12 Apr 202400:00	–	cnvd
Cvelist	CVE-2024-23662	9 Apr 202414:24	–	cvelist
EUVD	EUVD-2024-21135	3 Oct 202520:07	–	euvd
Tenable Nessus	Fortinet Fortigate Web server ETag exposure (FG-IR-23-224)	22 May 202400:00	–	nessus
NCSC	Vulnerabilities fixed in Fortinet	10 Apr 202400:00	–	ncsc
NVD	CVE-2024-23662	9 Apr 202415:15	–	nvd
OSV	CVE-2024-23662	9 Apr 202415:15	–	osv

NVD

Node

fortinet fortiosRange6.4.0–7.2.6

fortinet fortiosRange7.4.0–7.4.2

[
  {
    "vendor": "Fortinet",
    "product": "FortiOS",
    "defaultStatus": "unaffected",
    "versions": [
      {
        "versionType": "semver",
        "version": "7.4.0",
        "lessThanOrEqual": "7.4.1",
        "status": "affected"
      },
      {
        "versionType": "semver",
        "version": "7.2.0",
        "lessThanOrEqual": "7.2.5",
        "status": "affected"
      },
      {
        "versionType": "semver",
        "version": "7.0.0",
        "lessThanOrEqual": "7.0.15",
        "status": "affected"
      },
      {
        "versionType": "semver",
        "version": "6.4.0",
        "lessThanOrEqual": "6.4.15",
        "status": "affected"
      }
    ]
  }
]

Source	Link
fortiguard	www.fortiguard.com/psirt/FG-IR-23-224

11 Dec 2024 19:11Current

6.2Medium risk

Vulners AI Score6.2

CVSS 3.15.3 - 7.5

EPSS0.00367

SSVC

CWE-200