ioc[.]one - OSINT Cyber Threat Intelligence Database

CVE-2024-47575: FortiManager Missing Authentication Zero-Day Vulnerability Explained

Tags

attack-pattern:

Data Model Models Email Addresses - T1589.002 Ip Addresses - T1590.005 Software - T1592.002 Vulnerabilities - T1588.006

Show in Graph

Common Information

Type	Value
UUID	de85cb8b-4fa5-4f83-9261-be337c5eeabb
Fingerprint	a5b7a096eb118bc5
Analysis status	DONE
Considered CTI value	1
Text language
Published	Oct. 24, 2024, 9:11 a.m.
Added to db	Oct. 24, 2024, noon
Last updated	Nov. 18, 2024, 3:36 a.m.
Headline	CVE-2024-47575: FortiManager Missing Authentication Zero-Day Vulnerability Explained
Title	CVE-2024-47575: FortiManager Missing Authentication Zero-Day Vulnerability Explained
Detected Hints/Tags/Attributes	34/1/13

Source URLs

	Redirection	Url
Details	Source	https://www.picussecurity.com/resource/blog/cve-2024-47575-fortimanager-missing-authentication-zero-day-vulnerability-explained

URL Provider

Details	Provider	Source level domain
Details	picussecurity.com	www.picussecurity.com

RSS Feed

Details	Id	Enabled	Feed title	Url	Added to db
Details	352	✔	Resources-2	https://www.picussecurity.com/resource/rss.xml	2024-08-30 22:08

Attributes

Details	Type	#Events	CTI	Value
Details	CVE	87		cve-2024-47575
Details	Domain	23		fortiguard.com
Details	File	4		revinfo.db
Details	File	7		devices.txt
Details	File	4		global.db
Details	File	5		unreg_devices.txt
Details	File	5		subs.dat
Details	IPv4	18		45.32.41.202
Details	IPv4	5		195.85.114.78
Details	IPv4	12		104.238.141.143
Details	IPv4	1		48.32.41.202
Details	Url	2		https://fortiguard.com/psirt/fg-ir-24-423.
Details	Url	1		https://www.bleepingcomputer.com/news/security/mandiant-says-new-fortinet-fortimanager-flaw-has-been-exploited-since-june/.