FortiManager/FortiAnalyzer Password Change via Config Backup v7.0-7.4
CVE-2024-21757 Published on August 13, 2024
A unverified password change in Fortinet FortiManager versions 7.0.0 through 7.0.10, versions 7.2.0 through 7.2.4, and versions 7.4.0 through 7.4.1, as well as Fortinet FortiAnalyzer versions 7.0.0 through 7.0.10, versions 7.2.0 through 7.2.4, and versions 7.4.0 through 7.4.1, allows an attacker to modify admin passwords via the device configuration backup.
Vulnerability Analysis
CVE-2024-21757 can be exploited with local system access, and requires small amount of user privileges. This vulnerability is considered to have a low attack complexity. The potential impact of an exploit of this vulnerability is considered to have a small impact on confidentiality, a high impact on integrity, and no impact on availability.
Weakness Type
Unverified Password Change
When setting a new password for a user, the product does not require knowledge of the original password, or using another form of authentication. This could be used by an attacker to change passwords for another user, thus gaining the privileges associated with that user.
Products Associated with CVE-2024-21757
stack.watch emails you whenever new vulnerabilities are published in Fortinet FortiManager or Fortinet Fortianalyzer. Just hit a watch button to start following.
Affected Versions
Fortinet FortiManager:- Version 7.4.0, <= 7.4.1 is affected.
- Version 7.2.0, <= 7.2.4 is affected.
- Version 7.0.0, <= 7.0.10 is affected.
- Version 7.4.0, <= 7.4.1 is affected.
- Version 7.2.0, <= 7.2.4 is affected.
- Version 7.0.0, <= 7.0.10 is affected.
Exploit Probability
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.