{
  "document" : {
    "aggregate_severity" : {
      "text" : "mittel"
    },
    "category" : "csaf_base",
    "csaf_version" : "2.0",
    "distribution" : {
      "tlp" : {
        "label" : "WHITE",
        "url" : "https://www.first.org/tlp/"
      }
    },
    "lang" : "de-DE",
    "notes" : [ {
      "category" : "legal_disclaimer",
      "text" : "Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen."
    }, {
      "category" : "description",
      "text" : "FortiAnalyzer ist eine Plattform zur Protokollverwaltung, Analyse und Berichterstellung.\r\nFortiManager Security Management Appliances ermöglichen die Verwaltung von Fortinet-Network-Security-Geräten.",
      "title" : "Produktbeschreibung"
    }, {
      "category" : "summary",
      "text" : "Ein lokaler Angreifer kann mehrere Schwachstellen in Fortinet FortiAnalyzer und Fortinet FortiManager ausnutzen, um Dateien zu manipulieren und vertrauliche Informationen offenzulegen.",
      "title" : "Angriff"
    }, {
      "category" : "general",
      "text" : "- Sonstiges",
      "title" : "Betroffene Betriebssysteme"
    } ],
    "publisher" : {
      "category" : "other",
      "contact_details" : "csaf-provider@cert-bund.de",
      "name" : "Bundesamt für Sicherheit in der Informationstechnik",
      "namespace" : "https://www.bsi.bund.de"
    },
    "references" : [ {
      "category" : "self",
      "summary" : "WID-SEC-W-2025-0340 - CSAF Version",
      "url" : "https://wid.cert-bund.de/.well-known/csaf/white/2025/wid-sec-w-2025-0340.json"
    }, {
      "category" : "self",
      "summary" : "WID-SEC-2025-0340 - Portal Version",
      "url" : "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-0340"
    }, {
      "category" : "external",
      "summary" : "FortiGuard PSIRT Advisory FG-IR-24-147 vom 2025-02-11",
      "url" : "https://www.fortiguard.com/psirt/FG-IR-24-147"
    }, {
      "category" : "external",
      "summary" : "FortiGuard PSIRT Advisory FG-IR-24-422 vom 2025-02-11",
      "url" : "https://www.fortiguard.com/psirt/FG-IR-24-422"
    } ],
    "source_lang" : "en-US",
    "title" : "Fortinet FortiAnalyzer und FortiManager: Mehrere Schwachstellen",
    "tracking" : {
      "current_release_date" : "2025-02-11T23:00:00.000+00:00",
      "generator" : {
        "date" : "2025-02-12T09:41:12.810+00:00",
        "engine" : {
          "name" : "BSI-WID",
          "version" : "1.3.10"
        }
      },
      "id" : "WID-SEC-W-2025-0340",
      "initial_release_date" : "2025-02-11T23:00:00.000+00:00",
      "revision_history" : [ {
        "date" : "2025-02-11T23:00:00.000+00:00",
        "number" : "1",
        "summary" : "Initiale Fassung"
      } ],
      "status" : "final",
      "version" : "1"
    }
  },
  "product_tree" : {
    "branches" : [ {
      "branches" : [ {
        "branches" : [ {
          "category" : "product_version_range",
          "name" : "<7.4.3",
          "product" : {
            "name" : "Fortinet FortiAnalyzer <7.4.3",
            "product_id" : "T041094"
          }
        }, {
          "category" : "product_version",
          "name" : "7.4.3",
          "product" : {
            "name" : "Fortinet FortiAnalyzer 7.4.3",
            "product_id" : "T041094-fixed",
            "product_identification_helper" : {
              "cpe" : "cpe:/a:fortinet:fortianalyzer:7.4.3"
            }
          }
        }, {
          "category" : "product_version_range",
          "name" : "<7.2.6",
          "product" : {
            "name" : "Fortinet FortiAnalyzer <7.2.6",
            "product_id" : "T041095"
          }
        }, {
          "category" : "product_version",
          "name" : "7.2.6",
          "product" : {
            "name" : "Fortinet FortiAnalyzer 7.2.6",
            "product_id" : "T041095-fixed",
            "product_identification_helper" : {
              "cpe" : "cpe:/a:fortinet:fortianalyzer:7.2.6"
            }
          }
        }, {
          "category" : "product_version_range",
          "name" : "<7.6.1",
          "product" : {
            "name" : "Fortinet FortiAnalyzer <7.6.1",
            "product_id" : "T041100"
          }
        }, {
          "category" : "product_version",
          "name" : "7.6.1",
          "product" : {
            "name" : "Fortinet FortiAnalyzer 7.6.1",
            "product_id" : "T041100-fixed",
            "product_identification_helper" : {
              "cpe" : "cpe:/a:fortinet:fortianalyzer:7.6.1"
            }
          }
        }, {
          "category" : "product_version_range",
          "name" : "<7.4.5",
          "product" : {
            "name" : "Fortinet FortiAnalyzer <7.4.5",
            "product_id" : "T041101"
          }
        }, {
          "category" : "product_version",
          "name" : "7.4.5",
          "product" : {
            "name" : "Fortinet FortiAnalyzer 7.4.5",
            "product_id" : "T041101-fixed",
            "product_identification_helper" : {
              "cpe" : "cpe:/a:fortinet:fortianalyzer:7.4.5"
            }
          }
        }, {
          "category" : "product_version_range",
          "name" : "<7.2.8",
          "product" : {
            "name" : "Fortinet FortiAnalyzer <7.2.8",
            "product_id" : "T041102"
          }
        }, {
          "category" : "product_version",
          "name" : "7.2.8",
          "product" : {
            "name" : "Fortinet FortiAnalyzer 7.2.8",
            "product_id" : "T041102-fixed",
            "product_identification_helper" : {
              "cpe" : "cpe:/a:fortinet:fortianalyzer:7.2.8"
            }
          }
        } ],
        "category" : "product_name",
        "name" : "FortiAnalyzer"
      }, {
        "branches" : [ {
          "category" : "product_version_range",
          "name" : "<7.4.3",
          "product" : {
            "name" : "Fortinet FortiManager <7.4.3",
            "product_id" : "T041098"
          }
        }, {
          "category" : "product_version",
          "name" : "7.4.3",
          "product" : {
            "name" : "Fortinet FortiManager 7.4.3",
            "product_id" : "T041098-fixed",
            "product_identification_helper" : {
              "cpe" : "cpe:/a:fortinet:fortimanager:7.4.3"
            }
          }
        }, {
          "category" : "product_version_range",
          "name" : "<7.2.6",
          "product" : {
            "name" : "Fortinet FortiManager <7.2.6",
            "product_id" : "T041099"
          }
        }, {
          "category" : "product_version",
          "name" : "7.2.6",
          "product" : {
            "name" : "Fortinet FortiManager 7.2.6",
            "product_id" : "T041099-fixed",
            "product_identification_helper" : {
              "cpe" : "cpe:/a:fortinet:fortimanager:7.2.6"
            }
          }
        } ],
        "category" : "product_name",
        "name" : "FortiManager"
      } ],
      "category" : "vendor",
      "name" : "Fortinet"
    } ]
  },
  "vulnerabilities" : [ {
    "cve" : "CVE-2024-36508",
    "notes" : [ {
      "category" : "description",
      "text" : "In Fortinet FortiAnalyzer und Fortinet FortiManager besteht eine Path-Traversal-Schwachstelle. Ein lokaler Angreifer mit Administrator- und Diagnoseberechtigung kann diese Schwachstelle ausnutzen, um beliebige Dateien auf dem System zu löschen."
    } ],
    "product_status" : {
      "known_affected" : [ "T041099", "T041098", "T041095", "T041094" ]
    },
    "release_date" : "2025-02-11T23:00:00.000+00:00",
    "title" : "CVE-2024-36508"
  }, {
    "cve" : "CVE-2024-52966",
    "notes" : [ {
      "category" : "description",
      "text" : "In Fortinet FortiAnalyzer besteht eine Schwachstelle aufgrund einer unzureichenden Zugriffskontrolle in der Komponente Log View. Ein lokaler Angreifer mit Administratorrechten kann diese Schwachstelle ausnutzen, um auf Protokolle von Geräten außerhalb des aktuellen ADOM (Administrative Domain) zuzugreifen, was zu einer Offenlegung von Informationen führt."
    } ],
    "product_status" : {
      "known_affected" : [ "T041095", "T041094", "T041102", "T041101", "T041100" ]
    },
    "release_date" : "2025-02-11T23:00:00.000+00:00",
    "title" : "CVE-2024-52966"
  } ]
}