What is CVE-2024-23104?

CVE-2024-23104 is a medium-severity vulnerability in Fortinet Fortindr, classified under Information Disclosure. CVSS score: 5.4/10. Published 2026-04-14.

How severe is CVE-2024-23104?

Medium severity. CVSS v3 base score is 5.4 out of 10.

Information disclosure in Fortinet Fortindr

CVE-2024-23104

An exposure of sensitive information to an unauthorized actor vulnerability in Fortinet FortiNDR 7.6.0, FortiNDR 7.4.0 through 7.4.8, FortiNDR 7.2 all versions, FortiNDR 7.1 all versions, FortiNDR 7.0 all versions, FortiVoice 7.0.0 through…

Vulnerability class: Information Disclosure

EPSS: 0.000 (10.0th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 5.4 (Medium). Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C.

Affected products

Fortinet Fortindr — versions 7.6.0, 7.4.0, 7.2.0
Fortinet Fortivoice — versions 7.0.0

Weakness classification (CWE)

CWE-200 — Information Disclosure

References

https://fortiguard.fortinet.com/psirt/FG-IR-26-124

Frequently asked questions

What is CVE-2024-23104?: CVE-2024-23104 is a medium-severity vulnerability in Fortinet Fortindr, classified under Information Disclosure. CVSS score: 5.4/10. Published 2026-04-14.
How severe is CVE-2024-23104?: Medium severity. CVSS v3 base score is 5.4 out of 10.