PT-2025-15429 · Fortinet · FortiAnalyzer, FortiManager

Published: 2025-04-08 · Updated: 2025-07-23 · CVE-2024-52962

CVSS v3.1: 5.3 (Medium)

Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
Name of the Vulnerable Software and Affected Versions: FortiAnalyzer versions 7.6.1 and below; FortiAnalyzer versions 7.4.5 and below; FortiAnalyzer versions 7.2.8 and below; FortiAnalyzer versions 7.0.13 and below; FortiManager versions 7.6.1 and below; FortiManager versions 7.4.5 and below; FortiManager versions 7.2.8 and below; FortiManager versions 7.0.12 and below.
Description: An Improper Output Neutralization for Logs issue may allow an unauthenticated remote attacker to pollute the logs via crafted login requests.
Recommendations: For FortiAnalyzer versions 7.6.1 and below, consider updating to a version above 7.6.1. For FortiAnalyzer versions 7.4.5 and below, consider updating to a version above 7.4.5. For FortiAnalyzer versions 7.2.8 and below, consider updating to a version above 7.2.8. For FortiAnalyzer versions 7.0.13 and below, consider updating to a version above 7.0.13. For FortiManager versions 7.6.1 and below, consider updating to a version above 7.6.1. For FortiManager versions 7.4.5 and below, consider updating to a version above 7.4.5. For FortiManager versions 7.2.8 and below, consider updating to a version above 7.2.8. For FortiManager versions 7.0.12 and below, consider updating to a version above 7.0.12.

Related Identifiers

BDU:2025-09926
CVE-2024-52962

Affected Products

FortiAnalyzer
FortiManager