Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2024-55593


A improper neutralization of special elements used in an sql command ('sql injection') in Fortinet FortiWeb versions 6.3.17 through 7.6.1 allows attacker to gain information disclosure via crafted SQL queries


Published

2025-01-14T14:15:34.610

Last Modified

2025-02-03T22:06:19.163

Status

Analyzed

Source

[email protected]

Severity

CVSSv3.1: 2.7 (LOW)

Weaknesses
  • Type: Primary
    CWE-89

Affected Vendors & Products
Type Vendor Product Version/Range Vulnerable?
Application fortinet fortiweb < 7.6.2 Yes

References