CVE-2024-48887

A unverified password change vulnerability in Fortinet FortiSwitch GUI may allow a remote unauthenticated attacker to change admin passwords via a specially crafted request

CVSS v3 9.8 CRITICAL

9.8^/10

CVSS v3 : CRITICAL

Vector :

Exploitability : 3.9 / Impact : 5.9

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://fortiguard.fortinet.com/psirt/FG-IR-24-435	Vendor Advisory

Configurations

Configuration 1 (hide)

OR	cpe:2.3:o:fortinet:fortiswitch::::::::
	cpe:2.3:o:fortinet:fortiswitch::::::::
	cpe:2.3:o:fortinet:fortiswitch::::::::
	cpe:2.3:o:fortinet:fortiswitch::::::::
	cpe:2.3:o:fortinet:fortiswitch:7.6.0:::::::*

History

23 Jul 2025, 16:03

Type	Values Removed	Values Added
Summary		(es) Una vulnerabilidad de cambio de contraseña no verificada en la GUI de Fortinet FortiSwitch puede permitir que un atacante remoto no autenticado cambie las contraseñas de administrador a través de una solicitud especialmente manipulada.
CPE		cpe:2.3:o:fortinet:fortiswitch:7.6.0:::::::* cpe:2.3:o:fortinet:fortiswitch::::::::
First Time		Fortinet Fortinet fortiswitch
References	~~() https://fortiguard.fortinet.com/psirt/FG-IR-24-435 -~~	() https://fortiguard.fortinet.com/psirt/FG-IR-24-435 - Vendor Advisory

08 Apr 2025, 17:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2025-04-08 17:15

Updated : 2025-07-23 16:03

NVD link : CVE-2024-48887

Mitre link : CVE-2024-48887

CVE.ORG link : CVE-2024-48887

JSON object : View

Products Affected

fortinet

fortiswitch

CWE

CWE-620

Unverified Password Change

{"id": "CVE-2024-48887", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "psirt@fortinet.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 9.8, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 3.9}]}, "published": "2025-04-08T17:15:34.440", "references": [{"url": "https://fortiguard.fortinet.com/psirt/FG-IR-24-435", "tags": ["Vendor Advisory"], "source": "psirt@fortinet.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "psirt@fortinet.com", "description": [{"lang": "en", "value": "CWE-620"}]}], "descriptions": [{"lang": "en", "value": "A unverified password change vulnerability in Fortinet FortiSwitch GUI may allow a remote unauthenticated attacker to change admin passwords via a specially crafted request"}, {"lang": "es", "value": "Una vulnerabilidad de cambio de contrase\u00f1a no verificada en la GUI de Fortinet FortiSwitch puede permitir que un atacante remoto no autenticado cambie las contrase\u00f1as de administrador a trav\u00e9s de una solicitud especialmente manipulada."}], "lastModified": "2025-07-23T16:03:34.897", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:fortinet:fortiswitch:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1B371109-292C-4FCC-B15E-F16EE312BB13", "versionEndExcluding": "6.4.15", "versionStartIncluding": "6.4.0"}, {"criteria": "cpe:2.3:o:fortinet:fortiswitch:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5B11CFFF-42AB-40E5-8AA0-DCAB1364A2BD", "versionEndExcluding": "7.0.11", "versionStartIncluding": "7.0.0"}, {"criteria": "cpe:2.3:o:fortinet:fortiswitch:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "038A829E-84FE-4B42-AE54-A6DE066EE59C", "versionEndExcluding": "7.2.9", "versionStartIncluding": "7.2.0"}, {"criteria": "cpe:2.3:o:fortinet:fortiswitch:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "47E81562-F1B3-4759-B046-DC343FD7651A", "versionEndExcluding": "7.4.5", "versionStartIncluding": "7.4.0"}, {"criteria": "cpe:2.3:o:fortinet:fortiswitch:7.6.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "31C81F91-69B3-4F98-9B5E-AD6C03E05638"}], "operator": "OR"}]}], "sourceIdentifier": "psirt@fortinet.com"}