CVE-2024-23108 | Fortinet FortiSIEM up to 6.5.2/6.6.3/6.7.8/7.0.2/7.1.1 API Request os command injection (FG-IR-23-130)

Inserito da Angelo Barbosa | Feb 5, 2024 | CVE

A vulnerability was found in Fortinet FortiSIEM up to 6.5.2/6.6.3/6.7.8/7.0.2/7.1.1. It has been classified as very critical. Affected is an unknown function of the component API Request Handler. The manipulation leads to os command injection.

This vulnerability is traded as CVE-2024-23108. It is possible to launch the attack remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-23108 | Fortinet FortiSIEM up to 6.5.2/6.6.3/6.7.8/7.0.2/7.1.1 API Request os command injection (FG-IR-23-130)

Post correlati

CVE-2024-25914 | Photoboxone SMTP Mail Plugin up to 1.3.20 on WordPress cross-site request forgery

CVE-2023-3288 | easyappointments up to 1.4.x /providers authorization

CVE-2023-48291 | Apache Airflow 2.7.2 Incomplete Fix CVE-2023-42792 exposure of resource

CVE-2024-31192 | Open Networking Foundation libfluid 0.1.0 unpack out-of-bounds