What is CVE-2024-52969?

CVE-2024-52969 is a low-severity vulnerability in Fortinet Fortisiem, classified under SQL Injection. CVSS score: 3.7/10. Published 2025-01-14.

How severe is CVE-2024-52969?

Low severity. CVSS v3 base score is 3.7 out of 10.

SQL Injection in Fortinet Fortisiem

CVE-2024-52969

An Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability [CWE-89] in FortiSIEM ersion 7.1.7 and below, version 7.1.0, version 7.0.3 and below, version 6.7.9 and below, 6.7.8, version 6.6.5 and b…

Vulnerability class: SQL Injection

EPSS: 0.002 (46.0th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 3.7 (Low). Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:N/A:N/E:P/RL:X/RC:R.

Affected products

Fortinet Fortisiem — versions 7.1.0, 7.0.0, 6.7.0

Weakness classification (CWE)

CWE-89 — SQL Injection

References

https://fortiguard.fortinet.com/psirt/FG-IR-24-417

Frequently asked questions

What is CVE-2024-52969?: CVE-2024-52969 is a low-severity vulnerability in Fortinet Fortisiem, classified under SQL Injection. CVSS score: 3.7/10. Published 2025-01-14.
How severe is CVE-2024-52969?: Low severity. CVSS v3 base score is 3.7 out of 10.