CVE-2024-32122

medium

Description

A vulnerability involving the storing of passwords in a recoverable format in Fortinet FortiOS 7.4.0 through 7.4.8, FortiOS 7.2 all versions, FortiOS 7.0 all versions, and FortiOS 6.4 all versions allows an attacker to cause information disclosure by modifying the LDAP server IP to point to a malicious server.

References

https://www.cisa.gov/news-events/ics-advisories/icsa-25-135-01

https://fortiguard.fortinet.com/psirt/FG-IR-24-111

Details

Source: Mitre, NVD

Published: 2025-04-08

Updated: 2025-11-18

Risk Information

CVSS v2

Base Score: 4.3

Vector: CVSS2#AV:L/AC:L/Au:M/C:C/I:N/A:N

Severity: Medium

CVSS v3

Base Score: 4.4

Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N

Severity: Medium

EPSS

EPSS: 0.00011