CVE-2024-45326

An Improper Access Control vulnerability [CWE-284] in FortiDeceptor version 6.0.0, version 5.3.3 and below, version 5.2.1 and below, version 5.1.0, version 5.0.0 may allow an authenticated attacker with none privileges to perform operations on the central management appliance via crafted requests.

Published: Jan 14, 2025
Updated: May 4, 2025
CVE: CVE-2024-45326
Severity: Low
Exploit:

CVSS v3:

Severity: Low
Score: 4.3
AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
fortinet / fortideceptor	5.0.0	6.0.1

https://fortiguard.fortinet.com/psirt/FG-IR-24-285

Vulnerability Database

289,871

CVE-2024-45326