{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-24T04:15:02.345","vulnerabilities":[{"cve":{"id":"CVE-2024-45329","sourceIdentifier":"psirt@fortinet.com","published":"2025-06-10T17:19:25.083","lastModified":"2025-07-22T21:24:55.703","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"A authorization bypass through user-controlled key in Fortinet FortiPortal versions 7.4.0, versions 7.2.0 through 7.2.5, and versions 7.0.0 through 7.0.8 may allow an authenticated attacker to view unauthorized device information via key modification in API requests."},{"lang":"es","value":"Una omisión de autorización a través de una clave controlada por el usuario en Fortinet FortiPortal versiones 7.4.0, 7.2.0 a 7.2.5 y 7.0.0 a 7.0.8 puede permitir que un atacante autenticado vea información no autorizada del dispositivo a través de la modificación de la clave en las solicitudes API."}],"metrics":{"cvssMetricV31":[{"source":"psirt@fortinet.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N","baseScore":4.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":1.4}]},"weaknesses":[{"source":"psirt@fortinet.com","type":"Secondary","description":[{"lang":"en","value":"CWE-639"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:fortinet:fortiportal:*:*:*:*:*:*:*:*","versionStartIncluding":"7.0.0","versionEndExcluding":"7.0.9","matchCriteriaId":"EB9E106C-E997-40D4-B368-1E9554E5A9F7"},{"vulnerable":true,"criteria":"cpe:2.3:a:fortinet:fortiportal:*:*:*:*:*:*:*:*","versionStartIncluding":"7.2.0","versionEndExcluding":"7.2.6","matchCriteriaId":"BA765E03-8943-42BB-AACC-F3C918B8F2EE"},{"vulnerable":true,"criteria":"cpe:2.3:a:fortinet:fortiportal:7.4.0:*:*:*:*:*:*:*","matchCriteriaId":"957DAED4-8BE8-49A8-BEFA-2C419824895A"}]}]}],"references":[{"url":"https://fortiguard.fortinet.com/psirt/FG-IR-24-274","source":"psirt@fortinet.com","tags":["Vendor Advisory"]}]}}]}