{"dataType":"CVE_RECORD","dataVersion":"5.2","cveMetadata":{"cveId":"CVE-2024-48885","assignerOrgId":"6abe59d8-c742-4dff-8ce8-9b0ca1073da8","state":"PUBLISHED","assignerShortName":"fortinet","dateReserved":"2024-10-09T09:03:09.960Z","datePublished":"2025-01-16T09:01:52.958Z","dateUpdated":"2026-07-08T14:04:41.662Z"},"containers":{"cna":{"affected":[{"vendor":"Fortinet","product":"FortiVoice","cpes":["cpe:2.3:a:fortinet:fortivoice:7.0.4:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortivoice:7.0.3:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortivoice:7.0.2:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortivoice:7.0.1:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortivoice:7.0.0:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortivoice:6.4.9:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortivoice:6.4.8:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortivoice:6.4.7:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortivoice:6.4.6:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortivoice:6.4.5:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortivoice:6.4.4:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortivoice:6.4.3:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortivoice:6.4.2:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortivoice:6.4.1:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortivoice:6.4.0:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortivoice:6.0.12:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortivoice:6.0.11:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortivoice:6.0.10:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortivoice:6.0.9:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortivoice:6.0.8:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortivoice:6.0.7:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortivoice:6.0.6:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortivoice:6.0.5:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortivoice:6.0.4:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortivoice:6.0.3:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortivoice:6.0.2:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortivoice:6.0.1:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortivoice:6.0.0:*:*:*:*:*:*:*"],"defaultStatus":"unaffected","versions":[{"versionType":"semver","version":"7.0.0","lessThanOrEqual":"7.0.4","status":"affected"},{"versionType":"semver","version":"6.4.0","lessThanOrEqual":"6.4.9","status":"affected"},{"versionType":"semver","version":"6.0.0","lessThanOrEqual":"6.0.12","status":"affected"}]},{"vendor":"Fortinet","product":"FortiRecorder","cpes":["cpe:2.3:a:fortinet:fortirecorder:7.2.1:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortirecorder:7.2.0:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortirecorder:7.0.4:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortirecorder:7.0.3:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortirecorder:7.0.2:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortirecorder:7.0.1:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortirecorder:7.0.0:*:*:*:*:*:*:*"],"defaultStatus":"unaffected","versions":[{"versionType":"semver","version":"7.2.0","lessThanOrEqual":"7.2.1","status":"affected"},{"versionType":"semver","version":"7.0.0","lessThanOrEqual":"7.0.4","status":"affected"}]},{"vendor":"Fortinet","product":"FortiWeb","cpes":["cpe:2.3:a:fortinet:fortiweb:7.6.0:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiweb:7.4.4:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiweb:7.4.3:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiweb:7.4.2:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiweb:7.4.1:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiweb:7.4.0:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiweb:7.2.12:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiweb:7.2.11:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiweb:7.2.10:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiweb:7.2.9:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiweb:7.2.8:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiweb:7.2.7:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiweb:7.2.6:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiweb:7.2.5:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiweb:7.2.4:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiweb:7.2.3:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiweb:7.2.2:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiweb:7.2.1:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiweb:7.2.0:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiweb:7.0.12:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiweb:7.0.11:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiweb:7.0.10:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiweb:7.0.9:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiweb:7.0.8:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiweb:7.0.7:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiweb:7.0.6:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiweb:7.0.5:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiweb:7.0.4:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiweb:7.0.3:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiweb:7.0.2:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiweb:7.0.1:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiweb:7.0.0:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiweb:6.4.3:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiweb:6.4.2:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiweb:6.4.1:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiweb:6.4.0:*:*:*:*:*:*:*"],"defaultStatus":"unaffected","versions":[{"version":"7.6.0","status":"affected"},{"versionType":"semver","version":"7.4.0","lessThanOrEqual":"7.4.4","status":"affected"},{"versionType":"semver","version":"7.2.0","lessThanOrEqual":"7.2.12","status":"affected"},{"versionType":"semver","version":"7.0.0","lessThanOrEqual":"7.0.12","status":"affected"},{"versionType":"semver","version":"6.4.0","lessThanOrEqual":"6.4.3","status":"affected"}]}],"descriptions":[{"lang":"en","value":"A improper limitation of a pathname to a restricted directory ('path traversal') vulnerability in Fortinet FortiRecorder 7.2.0 through 7.2.1, FortiRecorder 7.0.0 through 7.0.4, FortiVoice 7.0.0 through 7.0.4, FortiVoice 6.4.0 through 6.4.9, FortiVoice 6.0 all versions, FortiWeb 7.6.0, FortiWeb 7.4.0 through 7.4.4, FortiWeb 7.2 all versions, FortiWeb 7.0 all versions, FortiWeb 6.4 all versions allows attacker to escalate privilege via specially crafted packets."}],"providerMetadata":{"orgId":"6abe59d8-c742-4dff-8ce8-9b0ca1073da8","shortName":"fortinet","dateUpdated":"2026-07-08T12:54:14.655Z"},"problemTypes":[{"descriptions":[{"lang":"en","cweId":"CWE-22","description":"Escalation of privilege","type":"CWE"}]}],"metrics":[{"format":"CVSS","cvssV3_1":{"version":"3.1","attackComplexity":"HIGH","attackVector":"NETWORK","availabilityImpact":"HIGH","baseScore":5.2,"baseSeverity":"MEDIUM","confidentialityImpact":"NONE","integrityImpact":"NONE","privilegesRequired":"LOW","scope":"UNCHANGED","userInteraction":"NONE","vectorString":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H/E:F/RL:O/RC:C"}}],"solutions":[{"lang":"en","value":"Upgrade to upcoming  FortiAuthenticator version 7.0.0 or above\nUpgrade to FortiOS version 7.6.1 or above\nUpgrade to FortiOS version 7.4.5 or above\nUpgrade to FortiOS version 7.2.10 or above\nUpgrade to FortiOS version 7.0.16 or above\nUpgrade to FortiOS version 6.4.16 or above\nUpgrade to FortiWeb version 7.6.1 or above\nUpgrade to FortiWeb version 7.4.5 or above\nUpgrade to FortiRecorder version 7.2.2 or above\nUpgrade to FortiRecorder version 7.0.5 or above\nUpgrade to FortiManager Cloud version 7.4.4 or above\nUpgrade to FortiProxy version 7.4.6 or above\nUpgrade to FortiProxy version 7.2.12 or above\nUpgrade to FortiProxy version 7.0.19 or above\nUpgrade to FortiVoice version 7.2.0 or above\nUpgrade to FortiVoice version 7.0.5 or above\nUpgrade to FortiVoice version 6.4.10 or above\nFortinet remediated this issue in FortiSASE version 24.3.c and hence customers do not need to perform any action.\nUpgrade to FortiManager version 7.6.2 or above\nUpgrade to FortiManager version 7.4.4 or above"}],"references":[{"name":"https://fortiguard.fortinet.com/psirt/FG-IR-24-259","url":"https://fortiguard.fortinet.com/psirt/FG-IR-24-259"}]},"adp":[{"metrics":[{"other":{"type":"ssvc","content":{"timestamp":"2025-01-16T14:15:57.157206Z","id":"CVE-2024-48885","options":[{"Exploitation":"none"},{"Automatable":"no"},{"Technical Impact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}}],"title":"CISA ADP Vulnrichment","providerMetadata":{"orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP","dateUpdated":"2026-07-08T14:04:41.662Z"}}]}}