Security Advisory

CVE-2024-33504

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-02-11 16:09:03

Last updated 2025-02-11 16:32:53

Assigner fortinet

State PUBLISHED

Description

A use of hard-coded cryptographic key to encrypt sensitive data vulnerability [CWE-321] in FortiManager 7.6.0 through 7.6.1, 7.4.0 through 7.4.5, 7.2.0 through 7.2.9, 7.0 all versions, 6.4 all versions may allow an attacker with JSON API access permissions to decrypt some secrets even if the private-data-encryption setting is enabled.

← Browse all CVEs View on cve.org ↗