← back
CVE-2024-23662

CVE-2024-23662

CVSS 5 MEDIUMEPSS 0.7%CWE-200
Vexday Risk Score
13Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS 5EPSS 0.7%KEV nãoPoC Nuclei Metasploit Patch
Lifecycle
09 Apr 2024Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
An exposure of sensitive information to an unauthorized actor in Fortinet FortiOS at least version at least 7.4.0 through 7.4.1 and 7.2.0 through 7.2.5 and 7.0.0 through 7.0.15 and 6.4.0 through 6.4.15 allows attacker to information disclosure via HTTP requests.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:P/RL:X/RC:X
Affected products
Fortinet · FortiOS

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://fortiguard.com/psirt/FG-IR-23-224