CVE-2024-55592

📊 3.8 LOW⚡ 0.0%🎯 0 exploits

📅 Published Mar 11, 2025

📋 Status: Analyzed

An incorrect authorization vulnerability [CWE-863] in FortiSIEM 7.2 all versions, 7.1 all versions, 7.0 all versions, 6.7 all versions, 6.6 all versions, 6.5 all versions, 6.4 all versions, 6.3 all versions, 6.2 all versions, 6.1 all versions, 5.4 all versions, 5.3 all versions, may allow an authenticated attacker to perform unauthorized operations on incidents via crafted HTTP requests.

CVSS v3.1 • [email protected]

🎯 Affected Products & Systems

1 product configurations affected

Filter by type:

Type	Vendor	Product	Version Range	Status	CPE String
📱App	fortinet	fortisiem	≥ 5.3.0 ∧ ≤ 7.2.5	Vulnerable	cpe:2.3:a:fortinet:fortisiem::::::::

📱

fortinet / fortisiem

Application

Vulnerable

Version: ≥ 5.3.0 ∧ ≤ 7.2.5

CPE:

cpe:2.3:a:fortinet:fortisiem:*:*:*:*:*:*:*:*

Metrics

3.8 LOWCVSS v3.1[email protected]

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:N

Attack Vector:

NETWORK

Complexity:

LOW

Privileges:

HIGH

User Interaction:

NONE

Confidentiality:

LOW

Integrity:

LOW

Availability:

NONE

Scope:

UNCHANGED

🔍 Technical Details

Analysis Status

Analyzed

CVSS Details

3.8 (LOW)v3.1

Source: [email protected]

EPSS Details

0.0% (Minimal)4.5th percentile

Last updated: Oct 31, 2025

Exploitation probability within 30 days

Published Date

Mar 11, 2025 (7 months ago)

Last Modified

Jul 25, 2025 (3 months ago)

Security Weaknesses1

CWE-863

References2

NVDgeneral