CVE-2024-45326

CVE Database · CVE-2024-45326

CVE-2024-45326

· MEDIUMModified

CVSS v3.1

4.3

EPSS

0.25%

Published

Jan 14, 2025

Modified

Feb 4, 2026

Public PoC / Exploit (1)

All weaponized →

TrickestTrickest PoC index

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

An Improper Access Control vulnerability [CWE-284] vulnerability in Fortinet FortiDeceptor 6.0.0, FortiDeceptor 5.3 all versions, FortiDeceptor 5.2 all versions, FortiDeceptor 5.1 all versions, FortiDeceptor 5.0 all versions may allow an authenticated attacker with none privileges to perform operations on the central management appliance via crafted requests.

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N

Weaknesses (CWE)

CWE-284

Affected Products (1)

fortinet · fortideceptor (up to 6.0.1)vulnerable

References (1)

https://fortiguard.fortinet.com/psirt/FG-IR-24-285

Vendor Advisory

KEV Catalog EPSS Scores Vendors All CVEs