{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-17T09:34:07.945","vulnerabilities":[{"cve":{"id":"CVE-2024-31490","sourceIdentifier":"psirt@fortinet.com","published":"2024-09-10T15:15:15.983","lastModified":"2026-01-14T14:16:10.793","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"An exposure of sensitive information to an unauthorized actor vulnerability in Fortinet FortiSandbox 4.4.0 through 4.4.4, FortiSandbox 4.2.1 through 4.2.6, FortiSandbox 4.0 all versions, FortiSandbox 3.2.2 through 3.2.4, FortiSandbox 3.1.5 allows attacker to information disclosure via HTTP get requests."},{"lang":"es","value":"Una exposición de información confidencial a un actor no autorizado en Fortinet FortiSandbox versión 4.4.0 a 4.4.4 y 4.2.0 a 4.2.6 y 4.0.0 a 4.0.5 y 3.2.2 a 3.2.4 y 3.1.5 permite a un atacante divulgar información a través de solicitudes de obtención HTTP."}],"metrics":{"cvssMetricV31":[{"source":"psirt@fortinet.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N","baseScore":4.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":1.4},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":3.6}]},"weaknesses":[{"source":"psirt@fortinet.com","type":"Secondary","description":[{"lang":"en","value":"CWE-200"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-noinfo"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:fortinet:fortisandbox:*:*:*:*:*:*:*:*","versionStartIncluding":"3.2.2","versionEndExcluding":"4.2.7","matchCriteriaId":"7EED8247-7F5B-4279-B3CA-08A35DE8C907"},{"vulnerable":true,"criteria":"cpe:2.3:a:fortinet:fortisandbox:*:*:*:*:*:*:*:*","versionStartIncluding":"4.4.0","versionEndExcluding":"4.4.5","matchCriteriaId":"2C77A903-42B3-41D3-BDC6-E138679B5400"},{"vulnerable":true,"criteria":"cpe:2.3:a:fortinet:fortisandbox:3.1.5:*:*:*:*:*:*:*","matchCriteriaId":"B3B00B3E-608B-46C9-9527-1DFB66624EEF"}]}]}],"references":[{"url":"https://fortiguard.com/psirt/FG-IR-24-051","source":"psirt@fortinet.com","tags":["Vendor Advisory"]}]}}]}