CVE-2024-32122
LOWDescription
A storing passwords in a recoverable format in Fortinet FortiOS 7.4.0 through 7.4.8, FortiOS 7.2 all versions, FortiOS 7.0 all versions, FortiOS 6.4 all versions allows attacker to information disclosure via modification of LDAP server IP to point to a malicious server.
CVSS v3.1 Score
Weakness Type (CWE)
Affected Products
| Vendor | Product |
|---|---|
| fortinet | fortios |
| fortinet | fortios |
| fortinet | fortios |
| fortinet | fortios |
References
Advisories & Patches
Frequently Asked Questions
What is CVE-2024-32122? +
How severe is CVE-2024-32122? +
What products are affected by CVE-2024-32122? +
How do I check if I'm vulnerable to CVE-2024-32122? +
Related Vulnerabilities
NetSupport Manager < 14.12.0001 relies on a shared Gateway Key for authentication between Manager/Control, Client, and Connectivity Server components. The …
The system stores the username and password from the login form after submitting the request. This could allow an attacker …
The SIMPLE.ERP client stores superuser password in a recoverable format, allowing any authenticated SIMPLE.ERP user to escalate privileges to a …
Amazon EMR Secret Agent creates a keytab file containing Kerberos credentials. This file is stored in the /tmp/ directory. A …
Improper use of encryption in the agent of Ivanti Endpoint Manager before version 2024 SU3 and 2022 SU8 Security Update …
Improper use of encryption in the agent of Ivanti Endpoint Manager before version 2024 SU3 and 2022 SU8 Security Update …