CVE-2024-47571
HIGHDescription
An operation on a resource after expiration or release in Fortinet FortiManager 6.4.12 through 7.4.0 allows an attacker to gain improper access to FortiGate via valid credentials.
Is your site exposed to CVE-2024-47571?
Run a free security scan — no signup, results in seconds.
CVSS v3.1 Score
Weakness Type (CWE)
Affected Products
| Vendor | Product |
|---|---|
| fortinet | fortimanager |
| fortinet | fortimanager |
| fortinet | fortimanager |
| fortinet | fortimanager |
References
Advisories & Patches
Frequently Asked Questions
What is CVE-2024-47571? +
How severe is CVE-2024-47571? +
What products are affected by CVE-2024-47571? +
How do I check if I'm vulnerable to CVE-2024-47571? +
Related Vulnerabilities
Reference to Expired Domain Vulnerability in OpenText™ ArcSight Enterprise Security Manager.
JWK Set (JSON Web Key Set) is a JWK and JWK Set Go implementation. Prior to 0.6.0, the project's provided …
NLnet Labs Unbound 1.19.1 up to and including version 1.25.0 has a vulnerability in the DNSSEC validator that enables denial …
Apache::Session versions through 1.94 for Perl re-creates deleted sessions. The session stores Apache::Session::Store::File and Apache::Session::Store::DB_File will create a session that …
OpenClaw before 2026.4.15 captures resolved bearer-auth configuration at startup, allowing revoked tokens to remain valid after SecretRef rotation. Gateway HTTP …
The caching invalidation guidelines from the AMD-Vi specification (48882—Rev 3.07-PUB—Oct 2022) is incorrect on some hardware, as devices will malfunction …