All intelligence
// vulnerability record
live · NVDCVE-2024-55592
LOWpublished 2025-03-11 15:15 UTC · 1 year ago · modified 2026-06-17 08:11 UTC
3.8
CVSS / 10
// description
An incorrect authorization vulnerability [CWE-863] in FortiSIEM 7.2 all versions, 7.1 all versions, 7.0 all versions, 6.7 all versions, 6.6 all versions, 6.5 all versions, 6.4 all versions, 6.3 all versions, 6.2 all versions, 6.1 all versions, 5.4 all versions, 5.3 all versions, may allow an authenticated attacker to perform unauthorized operations on incidents via crafted HTTP requests.
// cvss 3.1 vector
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:N
// weaknesses (CWE)
- CWE-863