{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-05-12T17:42:38.670","vulnerabilities":[{"cve":{"id":"CVE-2024-36505","sourceIdentifier":"psirt@fortinet.com","published":"2024-08-13T16:15:08.970","lastModified":"2024-08-22T14:36:31.643","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"An improper access control vulnerability [CWE-284] in FortiOS 7.4.0 through 7.4.3, 7.2.5 through 7.2.7, 7.0.12 through 7.0.14 and 6.4.x may allow an attacker who has already successfully obtained write access to the underlying system (via another hypothetical exploit) to bypass the file integrity checking system."},{"lang":"es","value":"Una vulnerabilidad de control de acceso inadecuado [CWE-284] en FortiOS 7.4.0 a 7.4.3, 7.2.5 a 7.2.7, 7.0.12 a 7.0.14 y 6.4.x puede permitir que un atacante que ya haya obtenido acceso de escritura con éxito al sistema subyacente (a través de otro exploit hipotético) para evitar el sistema de verificación de integridad de archivos."}],"metrics":{"cvssMetricV31":[{"source":"psirt@fortinet.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N","baseScore":5.1,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":1.4,"impactScore":3.6},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N","baseScore":5.5,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":1.8,"impactScore":3.6}]},"weaknesses":[{"source":"psirt@fortinet.com","type":"Secondary","description":[{"lang":"en","value":"CWE-284"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-Other"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*","versionStartIncluding":"6.4.13","versionEndIncluding":"6.4.15","matchCriteriaId":"B26D3CC8-B77D-4C5C-B3AC-096679F47877"},{"vulnerable":true,"criteria":"cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*","versionStartIncluding":"7.0.12","versionEndExcluding":"7.0.15","matchCriteriaId":"F754A050-02F5-4848-9065-5E15117B227E"},{"vulnerable":true,"criteria":"cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*","versionStartIncluding":"7.2.5","versionEndExcluding":"7.2.8","matchCriteriaId":"14113139-B64B-4069-A88F-D1999ED7EC18"},{"vulnerable":true,"criteria":"cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*","versionStartIncluding":"7.4.0","versionEndExcluding":"7.4.4","matchCriteriaId":"1FDDB5F3-D229-4208-9110-8860A03C8B59"}]}]}],"references":[{"url":"https://fortiguard.fortinet.com/psirt/FG-IR-24-012","source":"psirt@fortinet.com","tags":["Vendor Advisory"]}]}}]}