CVE-2024-52966

CVE Database · CVE-2024-52966

CVE-2024-52966

· LOWAnalyzed

CVSS v3.1

2.3

EPSS

0.20%

Published

Feb 11, 2025

Modified

Jul 22, 2025

Public PoC / Exploit

All weaponized →

No public PoC or exploit code indexed for this CVE.

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

An exposure of sensitive information to an unauthorized actor in Fortinet FortiAnalyzer 6.4.0 through 7.6.0 allows attacker to cause information disclosure via filter manipulation.

CVSS Vector

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N

Weaknesses (CWE)

CWE-200

Affected Products (3)

fortinet · fortianalyzer (up to 7.2.8)vulnerable

fortinet · fortianalyzer (up to 7.4.5)vulnerable

fortinet · fortianalyzervulnerable

References (1)

https://fortiguard.fortinet.com/psirt/FG-IR-24-422

Vendor Advisory

KEV Catalog EPSS Scores Vendors All CVEs