FortiManager 6.4.12-7.4.0 Improper Access via Expired Resource Operation
CVE-2024-47571 Published on January 14, 2025
An operation on a resource after expiration or release in Fortinet FortiManager 6.4.12 through 7.4.0 allows an attacker to gain improper access to FortiGate via valid credentials.
Vulnerability Analysis
CVE-2024-47571 can be exploited with network access, and does not require authorization privileges or user interaction. This vulnerability is consided to have a high level of attack complexity. The potential impact of an exploit of this vulnerability is considered to be very high.
Weakness Type
Operation on a Resource after Expiration or Release
The software uses, accesses, or otherwise operates on a resource after that resource has been expired, released, or revoked.
Products Associated with CVE-2024-47571
Want to know whenever a new CVE is published for Fortinet FortiManager? stack.watch will email you.
Affected Versions
Fortinet FortiManager:- Version 7.4.0 is affected.
- Version 7.2.3 is affected.
- Version 7.0.7, <= 7.0.8 is affected.
- Version 6.4.12 is affected.
Exploit Probability
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.