CVE-2024-32122

Description

A storing passwords in a recoverable format in Fortinet FortiOS versions 7.2.0 through 7.2.1 allows attacker to information disclosure via modification of LDAP server IP to point to a malicious server.

References

https://www.cisa.gov/news-events/ics-advisories/icsa-25-135-01

https://fortiguard.fortinet.com/psirt/FG-IR-24-111

Details

Source: Mitre, NVD

Risk Information

CVSS v2

CVSS v3

EPSS