cvelistv5 - cve-2024-48887

cve-2024-48887

Vulnerability from cvelistv5

Published
2025-04-08 16:52
Modified
2025-04-09 04:00
Severity ?
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RC:C
Summary
A unverified password change vulnerability in Fortinet FortiSwitch GUI may allow a remote unauthenticated attacker to change admin passwords via a specially crafted request
References
▼	URL	Tags
	psirt@fortinet.com	https://fortiguard.fortinet.com/psirt/FG-IR-24-435	Vendor Advisory
Impacted products
▼	Vendor	Product
	Fortinet	FortiSwitch
Show details on NVD website
JSON
To clipboard
{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-48887",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-04-08T00:00:00+00:00",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-04-09T04:00:33.735Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "cpes": [
            "cpe:2.3:a:fortinet:fortiswitch:7.6.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortiswitch:7.4.4:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortiswitch:7.4.3:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortiswitch:7.4.2:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortiswitch:7.4.1:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortiswitch:7.4.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortiswitch:7.2.8:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortiswitch:7.2.7:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortiswitch:7.2.6:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortiswitch:7.2.5:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortiswitch:7.2.4:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortiswitch:7.2.3:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortiswitch:7.2.2:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortiswitch:7.2.1:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortiswitch:7.2.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortiswitch:7.0.10:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortiswitch:7.0.9:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortiswitch:7.0.8:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortiswitch:7.0.7:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortiswitch:7.0.6:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortiswitch:7.0.5:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortiswitch:7.0.4:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortiswitch:7.0.3:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortiswitch:7.0.2:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortiswitch:7.0.1:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortiswitch:7.0.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortiswitch:6.4.14:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortiswitch:6.4.13:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortiswitch:6.4.12:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortiswitch:6.4.11:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortiswitch:6.4.10:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortiswitch:6.4.9:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortiswitch:6.4.8:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortiswitch:6.4.7:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortiswitch:6.4.6:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortiswitch:6.4.5:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortiswitch:6.4.4:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortiswitch:6.4.3:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortiswitch:6.4.2:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortiswitch:6.4.1:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortiswitch:6.4.0:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "FortiSwitch",
          "vendor": "Fortinet",
          "versions": [
            {
              "status": "affected",
              "version": "7.6.0"
            },
            {
              "lessThanOrEqual": "7.4.4",
              "status": "affected",
              "version": "7.4.0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "7.2.8",
              "status": "affected",
              "version": "7.2.0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "7.0.10",
              "status": "affected",
              "version": "7.0.0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.4.14",
              "status": "affected",
              "version": "6.4.0",
              "versionType": "semver"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A  unverified password change vulnerability in Fortinet FortiSwitch GUI may allow a remote unauthenticated attacker to change admin passwords via a specially crafted request"
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 9.3,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:X/RC:C",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-620",
              "description": "Escalation of privilege",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-04-08T16:52:20.257Z",
        "orgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
        "shortName": "fortinet"
      },
      "references": [
        {
          "name": "https://fortiguard.fortinet.com/psirt/FG-IR-24-435",
          "url": "https://fortiguard.fortinet.com/psirt/FG-IR-24-435"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "value": "Please upgrade to FortiSwitch version 7.6.1 or above \nPlease upgrade to FortiSwitch version 7.4.5 or above \nPlease upgrade to FortiSwitch version 7.2.9 or above \nPlease upgrade to FortiSwitch version 7.0.11 or above \nPlease upgrade to FortiSwitch version 6.4.15 or above"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
    "assignerShortName": "fortinet",
    "cveId": "CVE-2024-48887",
    "datePublished": "2025-04-08T16:52:02.152Z",
    "dateReserved": "2024-10-09T09:03:09.960Z",
    "dateUpdated": "2025-04-09T04:00:33.735Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2024-48887\",\"sourceIdentifier\":\"psirt@fortinet.com\",\"published\":\"2025-04-08T17:15:34.440\",\"lastModified\":\"2025-07-23T16:03:34.897\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"A  unverified password change vulnerability in Fortinet FortiSwitch GUI may allow a remote unauthenticated attacker to change admin passwords via a specially crafted request\"},{\"lang\":\"es\",\"value\":\"Una vulnerabilidad de cambio de contrase\u00f1a no verificada en la GUI de Fortinet FortiSwitch puede permitir que un atacante remoto no autenticado cambie las contrase\u00f1as de administrador a trav\u00e9s de una solicitud especialmente manipulada.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"psirt@fortinet.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":9.8,\"baseSeverity\":\"CRITICAL\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":5.9}]},\"weaknesses\":[{\"source\":\"psirt@fortinet.com\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-620\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:fortinet:fortiswitch:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"6.4.0\",\"versionEndExcluding\":\"6.4.15\",\"matchCriteriaId\":\"1B371109-292C-4FCC-B15E-F16EE312BB13\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:fortinet:fortiswitch:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"7.0.0\",\"versionEndExcluding\":\"7.0.11\",\"matchCriteriaId\":\"5B11CFFF-42AB-40E5-8AA0-DCAB1364A2BD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:fortinet:fortiswitch:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"7.2.0\",\"versionEndExcluding\":\"7.2.9\",\"matchCriteriaId\":\"038A829E-84FE-4B42-AE54-A6DE066EE59C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:fortinet:fortiswitch:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"7.4.0\",\"versionEndExcluding\":\"7.4.5\",\"matchCriteriaId\":\"47E81562-F1B3-4759-B046-DC343FD7651A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:fortinet:fortiswitch:7.6.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"31C81F91-69B3-4F98-9B5E-AD6C03E05638\"}]}]}],\"references\":[{\"url\":\"https://fortiguard.fortinet.com/psirt/FG-IR-24-435\",\"source\":\"psirt@fortinet.com\",\"tags\":[\"Vendor Advisory\"]}]}}"
  }
}
Action not permitted

cve-2024-48887

Vulnerability from cvelistv5

ghsa-w84w-59g8-pmg9

Vulnerability from github

Tags
