{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-05-30T18:18:31.051","vulnerabilities":[{"cve":{"id":"CVE-2024-35277","sourceIdentifier":"psirt@fortinet.com","published":"2025-01-14T14:15:30.130","lastModified":"2025-01-31T17:08:01.087","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"A missing authentication for critical function in Fortinet FortiPortal version 6.0.0 through 6.0.15, FortiManager version 7.4.0 through 7.4.2, 7.2.0 through 7.2.5, 7.0.0 through 7.0.12, 6.4.0 through 6.4.14 allows attacker to access to the configuration of the managed devices by sending specifically crafted packets"},{"lang":"es","value":"La falta de autenticación para una función crítica en Fortinet FortiPortal versión 6.0.0 a 6.0.15, FortiManager versión 7.4.0 a 7.4.2, 7.2.0 a 7.2.5, 7.0.0 a 7.0.12, 6.4.0 a 6.4.14 permite a un atacante acceder a la configuración de los dispositivos administrados mediante el envío específico de paquetes manipulados."}],"metrics":{"cvssMetricV31":[{"source":"psirt@fortinet.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N","baseScore":8.6,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":4.0},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":3.6}]},"weaknesses":[{"source":"psirt@fortinet.com","type":"Secondary","description":[{"lang":"en","value":"CWE-306"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:fortinet:fortimanager:*:*:*:*:*:*:*:*","versionStartIncluding":"6.4.0","versionEndExcluding":"6.4.15","matchCriteriaId":"D2AD66B0-9C99-4F83-80AA-B54E6354ADFD"},{"vulnerable":true,"criteria":"cpe:2.3:a:fortinet:fortimanager:*:*:*:*:*:*:*:*","versionStartIncluding":"7.0.0","versionEndExcluding":"7.0.13","matchCriteriaId":"37456E27-0EE2-4AF8-B92F-A5284FEC0409"},{"vulnerable":true,"criteria":"cpe:2.3:a:fortinet:fortimanager:*:*:*:*:*:*:*:*","versionStartIncluding":"7.2.0","versionEndExcluding":"7.2.6","matchCriteriaId":"605795FE-4D3E-48D4-B2E6-AED4C79B405F"},{"vulnerable":true,"criteria":"cpe:2.3:a:fortinet:fortimanager:*:*:*:*:*:*:*:*","versionStartIncluding":"7.4.0","versionEndExcluding":"7.4.3","matchCriteriaId":"E4490512-36ED-4212-9D34-D74739A56E84"},{"vulnerable":true,"criteria":"cpe:2.3:a:fortinet:fortimanager_cloud:*:*:*:*:*:*:*:*","versionStartIncluding":"7.0.1","versionEndExcluding":"7.0.13","matchCriteriaId":"29B3A5F2-3121-4902-BBB6-8B4D07767F77"},{"vulnerable":true,"criteria":"cpe:2.3:a:fortinet:fortimanager_cloud:*:*:*:*:*:*:*:*","versionStartIncluding":"7.2.1","versionEndExcluding":"7.2.7","matchCriteriaId":"4CD97EEF-BD2E-4442-A3E8-9C9489439404"},{"vulnerable":true,"criteria":"cpe:2.3:a:fortinet:fortimanager_cloud:*:*:*:*:*:*:*:*","versionStartIncluding":"7.4.1","versionEndExcluding":"7.4.3","matchCriteriaId":"7F0FB078-A95E-4AFC-B4A9-A8C43E997A78"}]}]}],"references":[{"url":"https://fortiguard.fortinet.com/psirt/FG-IR-24-135","source":"psirt@fortinet.com","tags":["Vendor Advisory"]}]}}]}