Buffer overflow in Fortinet FortiAnalyzer
CVE-2024-35276
A stack-based buffer overflow in Fortinet FortiAnalyzer versions 7.4.0 through 7.4.3, 7.2.0 through 7.2.5, 7.0.0 through 7.0.12, 6.4.0 through 6.4.14, FortiManager versions 7.4.0 through 7.4.3, 7.2.0 through 7.2.5, 7.0.0 through 7.0.12, 6…
Vulnerability class: Buffer Overflow
EPSS: 0.004 (31.9th percentile).
CVSS v3 metric
CVSS v3 base score 5.6 (Medium). Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L.
Affected products
- Fortinet FortiAnalyzer — versions 7.4.0, 7.2.0, 7.0.0
- Fortinet FortiAnalyzer Cloud
- Fortinet FortiManager — versions 7.4.0, 7.2.0, 7.0.0
- Fortinet FortiManager Cloud
Weakness classification (CWE)
References
- psirt@fortinet.com (Vendor Advisory)
Frequently asked questions
- What is CVE-2024-35276?
  CVE-2024-35276 is a medium-severity vulnerability in Fortinet FortiAnalyzer, classified under Stack-based Buffer Overflow. CVSS score: 5.6/10. Published 2025-01-14.
- How severe is CVE-2024-35276?
  Medium severity. CVSS v3 base score is 5.6 out of 10.