CVE-2024-35277 Information

Description

A missing authentication for critical function in Fortinet FortiPortal version 6.0.0 through 6.0.15 FortiManager version 7.4.0 through 7.4.2 7.2.0 through 7.2.5 7.0.0 through 7.0.12 6.4.0 through 6.4.14 allows attacker to access to the configuration of the managed devices by sending specifically crafted packets

Reference

https://fortiguard.fortinet.com/psirt/FG-IR-24-135