| CVE编号 | CVE-2024-33501 |
|---|---|
| 发布日期 | 2025-03-11T14:54:41.662Z |
| 更新日期 | 2025-03-11T16:04:54.079Z |
| 状态 | PUBLISHED |
| 受影响的供应商 | Fortinet |
| 受影响的产品 | FortiManager |
| 描述 | Two improper neutralization of special elements used in an SQL Command ('SQL Injection') vulnerability [CWE-89] in Fortinet FortiAnalyzer version 7.4.0 through 7.4.2 and before 7.2.5, FortiManager version 7.4.0 through 7.4.2 and before 7.2.5 and FortiAnalyzer-BigData version 7.4.0 and before 7.2.7 allows a privileged attacker to execute unauthorized code or commands via specifically crafted CLI requests. |
参考链接:
