CVE-2024-45323

🗓️ 10 Sep 2024 14:37:42Reported by fortinetType

An improper access control vulnerability in FortiEDR Manager API 6.2.0 through 6.2.

Reporter	Title	Published	Views	Family All 11
BDU FSTEC	The vulnerability of the application programming interface of the FortiEDR Manager allows a perpetrator to access confidential information.	26 Dec 202400:00	–	bdu_fstec
Circl	CVE-2024-45323	10 Sep 202418:25	–	circl
CNNVD	Fortinet FortiEDR 访问控制错误漏洞	10 Sep 202400:00	–	cnnvd
CNVD	Fortinet FortiEDR Access Control Error Vulnerability (CNVD-2025-00410)	12 Sep 202400:00	–	cnvd
CVE	CVE-2024-45323	10 Sep 202414:37	–	cve
EUVD	EUVD-2024-41439	3 Oct 202520:07	–	euvd
NVD	CVE-2024-45323	10 Sep 202415:15	–	nvd
OSV	CVE-2024-45323	10 Sep 202415:15	–	osv
Positive Technologies	PT-2024-9821 · Fortinet · Fortiedr Manager Api	10 Sep 202400:00	–	ptsecurity
RedhatCVE	CVE-2024-45323	23 May 202510:32	–	redhatcve

[
  {
    "vendor": "Fortinet",
    "product": "FortiEDR Manager",
    "cpes": [
      "cpe:2.3:a:fortinet:fortiedrmanager:6.2.1:*:*:*:*:*:*:*",
      "cpe:2.3:a:fortinet:fortiedrmanager:6.2.0:*:*:*:*:*:*:*",
      "cpe:2.3:a:fortinet:fortiedrmanager:6.0.1:*:*:*:*:*:*:*"
    ],
    "defaultStatus": "unaffected",
    "versions": [
      {
        "versionType": "semver",
        "version": "6.2.0",
        "lessThanOrEqual": "6.2.1",
        "status": "affected"
      },
      {
        "version": "6.0.1",
        "status": "affected"
      }
    ]
  }
]

Source	Link
fortiguard	www.fortiguard.fortinet.com/psirt/FG-IR-24-371

10 Sep 2024 14:37Current

CVSS 3.14.3

EPSS0.00196

CWE-284