CVE-2024-45326

medium

Fortinet

CVSS v3 Base Score

4.3

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N

EPSS Score

0.3%

Exploitation probability in 30 days

Top 44% most likely to be exploited

Attack Characteristics

Attack Vector

Network

Attack Complexity

Low

Privileges Required

Low

User Interaction

None

Confidentiality

None

Integrity

Low

Availability

None

Published: January 14, 2025 (484 days ago)

Last Modified: February 4, 2026

Vendor: Fortinet

Description

An Improper Access Control vulnerability [CWE-284] vulnerability in Fortinet FortiDeceptor 6.0.0, FortiDeceptor 5.3 all versions, FortiDeceptor 5.2 all versions, FortiDeceptor 5.1 all versions, FortiDeceptor 5.0 all versions may allow an authenticated attacker with none privileges to perform operations on the central management appliance via crafted requests.

CWE

CWE-284

Affected Products

fortinet fortideceptor

References

🔗 fortiguard.fortinet.com

CVE-2024-45326

Vulnerability Report

Description

CWE

Affected Products

References