Details of VAR-202510-0661

ID

VAR-202510-0661

CVE

CVE-2024-47569

DESCRIPTION

A insertion of sensitive information into sent data in Fortinet FortiManager Cloud 7.4.1 through 7.4.3, FortiVoice 7.0.0 through 7.0.4, 6.4.0 through 6.4.9, 6.0.7 through 6.0.12, FortiMail 7.4.0 through 7.4.2, 7.2.0 through 7.2.6, 7.0.0 through 7.0.9, FortiOS 7.6.0, 7.4.0 through 7.4.4, 7.2.0 through 7.2.8, 7.0.0 through 7.0.15, 6.4.0 through 6.4.15, 6.2.0 through 6.2.17, 6.0.0 through 6.0.18, FortiWeb 7.6.0, 7.4.0 through 7.4.4, 7.2.0 through 7.2.11, 7.0.0 through 7.0.11, 6.4.0 through 6.4.3, FortiRecorder 7.2.0 through 7.2.1, 7.0.0 through 7.0.4, FortiNDR 7.6.0 through 7.6.1, 7.4.0 through 7.4.8, 7.2.0 through 7.2.5, 7.1.0 through 7.1.1, 7.0.0 through 7.0.7, 1.5.0 through 1.5.3, FortiPAM 1.3.0 through 1.3.1, 1.2.0, 1.1.0 through 1.1.2, 1.0.0 through 1.0.3, FortiTester 7.4.0 through 7.4.2, 7.3.0 through 7.3.2, 7.2.0 through 7.2.3, 7.1.0 through 7.1.1, 7.0.0, 4.2.0 through 4.2.1, FortiProxy 7.4.0 through 7.4.4, 7.2.0 through 7.2.10, 7.0.0 through 7.0.21, 2.0.0 through 2.0.14, 1.2.0 through 1.2.13, 1.1.0 through 1.1.6, 1.0.0 through 1.0.7, FortiManager 7.6.0 through 7.6.1, 7.4.1 through 7.4.3 allows attacker to disclose sensitive information via specially crafted packets.

Trust: 1.0

sources: NVD: CVE-2024-47569

AFFECTED PRODUCTS

vendor:	fortinet	model:	fortimanager	scope:	gte	version:	7.4.1	Trust: 1.0
vendor:	fortinet	model:	fortimanager	scope:	lt	version:	7.6.2	Trust: 1.0
vendor:	fortinet	model:	fortimail	scope:	lt	version:	7.2.7	Trust: 1.0
vendor:	fortinet	model:	fortiproxy	scope:	gte	version:	7.4.0	Trust: 1.0
vendor:	fortinet	model:	fortitester	scope:	lt	version:	7.4.3	Trust: 1.0
vendor:	fortinet	model:	fortiweb	scope:	gte	version:	6.4.0	Trust: 1.0
vendor:	fortinet	model:	fortiproxy	scope:	lt	version:	7.4.5	Trust: 1.0
vendor:	fortinet	model:	fortimail	scope:	gte	version:	7.4.0	Trust: 1.0
vendor:	fortinet	model:	fortios	scope:	lt	version:	7.4.5	Trust: 1.0
vendor:	fortinet	model:	fortimanager	scope:	gte	version:	7.6.0	Trust: 1.0
vendor:	fortinet	model:	fortindr	scope:	gte	version:	7.6.0	Trust: 1.0
vendor:	fortinet	model:	fortindr	scope:	lte	version:	7.6.2	Trust: 1.0
vendor:	fortinet	model:	fortisase	scope:	eq	version:	24.3.20	Trust: 1.0
vendor:	fortinet	model:	fortindr	scope:	gte	version:	1.5.0	Trust: 1.0
vendor:	fortinet	model:	fortivoice	scope:	lt	version:	7.0.5	Trust: 1.0
vendor:	fortinet	model:	fortivoice	scope:	lt	version:	6.4.10	Trust: 1.0
vendor:	fortinet	model:	fortivoice	scope:	gte	version:	6.0.7	Trust: 1.0
vendor:	fortinet	model:	fortiproxy	scope:	lt	version:	7.2.11	Trust: 1.0
vendor:	fortinet	model:	fortirecorder	scope:	lt	version:	7.0.5	Trust: 1.0
vendor:	fortinet	model:	fortiweb	scope:	lt	version:	7.4.5	Trust: 1.0
vendor:	fortinet	model:	fortindr	scope:	lt	version:	7.4.9	Trust: 1.0
vendor:	fortinet	model:	fortimanager cloud	scope:	gte	version:	7.4.1	Trust: 1.0
vendor:	fortinet	model:	fortios	scope:	gte	version:	7.2.0	Trust: 1.0
vendor:	fortinet	model:	fortimanager	scope:	lt	version:	7.4.4	Trust: 1.0
vendor:	fortinet	model:	fortirecorder	scope:	lt	version:	7.2.2	Trust: 1.0
vendor:	fortinet	model:	fortios	scope:	eq	version:	7.6.0	Trust: 1.0
vendor:	fortinet	model:	fortitester	scope:	gte	version:	4.2.0	Trust: 1.0
vendor:	fortinet	model:	fortimail	scope:	gte	version:	7.0.0	Trust: 1.0
vendor:	fortinet	model:	fortios	scope:	gte	version:	7.0.0	Trust: 1.0
vendor:	fortinet	model:	fortimail	scope:	lt	version:	7.4.3	Trust: 1.0
vendor:	fortinet	model:	fortios	scope:	gte	version:	6.0.0	Trust: 1.0
vendor:	fortinet	model:	fortios	scope:	lt	version:	7.2.9	Trust: 1.0
vendor:	fortinet	model:	fortipam	scope:	lte	version:	1.3.1	Trust: 1.0
vendor:	fortinet	model:	fortios	scope:	lt	version:	6.4.16	Trust: 1.0
vendor:	fortinet	model:	fortirecorder	scope:	gte	version:	7.2.0	Trust: 1.0
vendor:	fortinet	model:	fortiproxy	scope:	gte	version:	1.0.0	Trust: 1.0
vendor:	fortinet	model:	fortivoice	scope:	gte	version:	7.0.0	Trust: 1.0
vendor:	fortinet	model:	fortiweb	scope:	eq	version:	7.6.0	Trust: 1.0
vendor:	fortinet	model:	fortirecorder	scope:	gte	version:	7.0.0	Trust: 1.0
vendor:	fortinet	model:	fortimanager cloud	scope:	lt	version:	7.4.4	Trust: 1.0
vendor:	fortinet	model:	fortios	scope:	lt	version:	7.0.16	Trust: 1.0
vendor:	fortinet	model:	fortipam	scope:	gte	version:	1.0.0	Trust: 1.0
vendor:	fortinet	model:	fortios	scope:	gte	version:	7.4.0	Trust: 1.0

sources: NVD: CVE-2024-47569

CVSS

SEVERITY

CVSSV2

CVSSV3

psirt@fortinet.com:	CVE-2024-47569
value:	MEDIUM
Trust: 1.0

psirt@fortinet.com:	CVE-2024-47569
baseSeverity:	MEDIUM
baseScore:	4.3
vectorString:	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	LOW
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	LOW
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	2.8
impactScore:	1.4
version:	3.1
Trust: 1.0

sources: NVD: CVE-2024-47569

PROBLEMTYPE DATA

problemtype:

CWE-201

Trust: 1.0

sources: NVD: CVE-2024-47569

EXTERNAL IDS

db:

NVD

id:

CVE-2024-47569

Trust: 1.0

sources: NVD: CVE-2024-47569

REFERENCES

url:

https://fortiguard.fortinet.com/psirt/fg-ir-24-228

Trust: 1.0

sources: NVD: CVE-2024-47569

SOURCES

db:

NVD

id:

CVE-2024-47569

LAST UPDATE DATE

2025-10-16T23:44:36.377000+00:00

SOURCES UPDATE DATE

db:

NVD

id:

CVE-2024-47569

date:

2025-10-15T17:36:57.413

SOURCES RELEASE DATE

db:

NVD

id:

CVE-2024-47569

date:

2025-10-14T16:15:35.327