Fortinet Product Security Update Advisory (CVE-2024-45327)

Sep 12 2024

Overview

An update has been released to address vulnerabilities in Fortinet Products. Users of the affected versions are advised to update to the latest version.

Affected Products

CVE-2024-45327

FortiSOAR 7.4 versions: 7.4.0 (inclusive) ~ 7.4.3 (inclusive)
FortiSOAR 7.3 versions: 7.3.0 (inclusive) ~ 7.3.2 (inclusive)
FortiSOAR 7.2 versions: 7.2 all versions
FortiSOAR 7.0 versions: 7.0 all versions

Resolved Vulnerabilities

Improper authorization vulnerability that allows attackers to conduct brute force attacks against user and administrator passwords via crafted HTTP requests (CVE-2024-45327)

Vulnerability Patches

The following product-specific Vulnerability Patches have been made available in the latest update. If you are using an affected version, Please follow the instructions on the Referenced Sites to update to the latest Vulnerability Patches version.

CVE-2024-45327

FortiSOAR 7.4 version: 7.4.4 or later version
FortiSOAR 7.3 version: 7.3.3 or later version
FortiSOAR 7.2 version: Migrate to a fixed release
FortiSOAR 7.0 version: Migrate to a fixed release

References

[1] CVE-2024-45327 Detail

https://nvd.nist.gov/vuln/detail/CVE-2024-45327

[2] Inadequate user validation and no brute force protection on change password requests

https://fortiguard.fortinet.com/psirt/FG-IR-24-048

Fortinet Product Security Update Advisory (CVE-2024-45327)

MS Family September 2024 Routine Security Update Advisory

Google Chrome browser (128.0.6613.137/.138) security update advisory

Tags:

MS Family September 2024 Routine Security Update Advisory

Google Chrome browser (128.0.6613.137/.138) security update advisory