CVE-2024-52962: 
Fortinet FortiManager vulnerability analysis and mitigation

An Improper Output Neutralization for Logs vulnerability (CVE-2024-52962) affects FortiAnalyzer and FortiManager products. The vulnerability was discovered by Alexandre Labb from A1 Digital International and was initially published on April 8, 2025. The affected versions include FortiAnalyzer versions 7.6.1 and below, 7.4.5 and below, 7.2.8 and below, 7.0.13 and below, and FortiManager versions 7.6.1 and below, 7.4.5 and below, 7.2.8 and below, 7.0.12 and below (Fortinet PSIRT).

The vulnerability is classified as CWE-117 (Improper Output Neutralization for Logs) with a CVSS v3.1 Base Score of 5.3 (Medium) and vector string CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N. This indicates that the vulnerability can be exploited over the network, requires low attack complexity, needs no privileges or user interaction, and has a limited impact on integrity with no impact on confidentiality or availability (NVD).

The vulnerability allows an unauthenticated remote attacker to pollute the logs via crafted login requests. This could potentially lead to the execution of unauthorized code or commands in the system (Fortinet PSIRT).

Fortinet has released patches for the affected versions. Users are advised to upgrade to the following versions: FortiAnalyzer 7.6.2 or above, 7.4.6 or above, 7.2.9 or above, 7.0.14 or above, and FortiManager 7.6.2 or above, 7.4.6 or above, 7.2.9 or above, 7.0.14 or above. FortiAnalyzer and FortiManager version 6.4 are not affected by this vulnerability (Fortinet PSIRT).