{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-18T01:01:54.671","vulnerabilities":[{"cve":{"id":"CVE-2024-23668","sourceIdentifier":"psirt@fortinet.com","published":"2024-06-03T10:15:13.320","lastModified":"2024-12-17T16:38:42.387","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"An improper authorization in Fortinet FortiWebManager version 7.2.0 and 7.0.0 through 7.0.4 and 6.3.0 and 6.2.3 through 6.2.4 and 6.0.2 allows attacker to execute unauthorized code or commands via HTTP requests or CLI."},{"lang":"es","value":"Una autorización inadecuada en Fortinet FortiWebManager versión 7.2.0 y 7.0.0 hasta 7.0.4 y 6.3.0 y 6.2.3 hasta 6.2.4 y 6.0.2 permite al atacante ejecutar código o comandos no autorizados a través de solicitudes HTTP o CLI."}],"metrics":{"cvssMetricV31":[{"source":"psirt@fortinet.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}]},"weaknesses":[{"source":"psirt@fortinet.com","type":"Secondary","description":[{"lang":"en","value":"CWE-20"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-noinfo"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:fortinet:fortiwebmanager:*:*:*:*:*:*:*:*","versionStartIncluding":"6.2.3","versionEndExcluding":"6.2.5","matchCriteriaId":"C00F44FF-9533-4354-9060-A74E8F43E747"},{"vulnerable":true,"criteria":"cpe:2.3:a:fortinet:fortiwebmanager:*:*:*:*:*:*:*:*","versionStartIncluding":"7.0.0","versionEndExcluding":"7.0.5","matchCriteriaId":"403F07C3-8D48-4403-B9EE-0076F8639CB1"},{"vulnerable":true,"criteria":"cpe:2.3:a:fortinet:fortiwebmanager:6.0.2:*:*:*:*:*:*:*","matchCriteriaId":"6AB742D6-5B08-4FF7-A366-F4CE1E91C9A0"},{"vulnerable":true,"criteria":"cpe:2.3:a:fortinet:fortiwebmanager:6.3.0:*:*:*:*:*:*:*","matchCriteriaId":"A921BEEB-D912-471E-8176-8804F5CD5118"},{"vulnerable":true,"criteria":"cpe:2.3:a:fortinet:fortiwebmanager:7.2.0:*:*:*:*:*:*:*","matchCriteriaId":"1C7475A8-52EB-413E-A196-6F43137B545F"}]}]}],"references":[{"url":"https://fortiguard.fortinet.com/psirt/FG-IR-23-222","source":"psirt@fortinet.com","tags":["Vendor Advisory"]},{"url":"https://fortiguard.fortinet.com/psirt/FG-IR-23-222","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}}]}