CVE-2025-24472
Published Feb 11, 2025
Last updated 6 days ago
AI description
CVE-2025-24472 is an authentication bypass vulnerability found in Fortinet's FortiOS and FortiProxy products. It allows unauthorized remote attackers to gain super-admin privileges by sending specially crafted requests to the system's CSF proxy. The affected versions are FortiOS 7.0.0 through 7.0.16, FortiProxy 7.0.0 through 7.0.19, and FortiProxy 7.2.0 through 7.2.12. Fortinet has addressed this vulnerability; users should update to FortiOS 7.0.17 or later, and FortiProxy 7.0.20/7.2.13 or later. This vulnerability was disclosed on February 11, 2025, and added to an existing advisory regarding another authentication bypass vulnerability, CVE-2024-55591, which affected the same Fortinet products. While initial reports indicated active exploitation, Fortinet clarified that CVE-2025-24472 itself has not been seen exploited in the wild, although CVE-2024-55591 has been. Patches for both vulnerabilities are available, and users who had previously patched their systems against CVE-2024-55591 are already protected against CVE-2025-24472. Workarounds such as disabling the HTTP/HTTPS administrative interface or restricting access to it by IP address are also available.
- Description
- An Authentication Bypass Using an Alternate Path or Channel vulnerability [CWE-288] affecting FortiOS 7.0.0 through 7.0.16 and FortiProxy 7.2.0 through 7.2.12, 7.0.0 through 7.0.19 may allow a remote attacker to gain super-admin privileges via crafted CSF proxy requests.
- Source
- psirt@fortinet.com
- NVD status
- Analyzed
CVSS 3.1
- Type
- Primary
- Base score
- 9.8
- Impact score
- 5.9
- Exploitability score
- 3.9
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
- Severity
- CRITICAL
Data from CISA
- Vulnerability name
- Fortinet FortiOS and FortiProxy Authentication Bypass Vulnerability
- Exploit added on
- Mar 18, 2025
- Exploit action due
- Apr 8, 2025
- Required action
- Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
Hype score is a measure of social media activity compared against trending CVEs from the past 12 months. Max score 100.
- Hype score
1
🚨 Fortinet has patched critical vulnerabilities (NCSC-2025-0082) in FortiOS, FortiProxy, FortiPAM, FortiSRA, and FortiWeb. Exploited in ransomware attacks, this flaw allows unauthorized code execution. Patch now! #CVE-2024-55591 #CVE-2025-24472 https://t.co/tPrTnAvPap
@RedTeamNewsBlog
24 Mar 2025
4 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Actively exploited CVE : CVE-2025-24472
@transilienceai
21 Mar 2025
9 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
FortiOS, FotiProxyの脆弱性の悪用が確認されているとのこと。 CVE-2025-24472 CVE-2024-55591 Fortinet Vulnerability Exploited in Ransomware Attack, CISA Warns - Infosecurity Magazine https://t.co/w3vcJozVFT
@ntsuji
21 Mar 2025
6448 Impressions
30 Retweets
69 Likes
18 Bookmarks
2 Replies
1 Quote
Latest Known Exploited Vulnerabilities (#KEV) : #CVE-2025-24472 #Fortinet FortiOS and FortiProxy Authentication Bypass Vulnerability https://t.co/F6TsuBLDkl
@ScyScan
20 Mar 2025
6 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 Threat Alert: Fortinet CVE-2025-24472 Ransomware Exploitation 📅 Date: 2025-03-19 📌 Attribution: Mora_001 (potential ties to LockBit operations) 📝 Summary: A critical authentication bypass vulnerability (CVE-2025-24472) in Fortinet's FortiOS and FortiProxy technologies has…
@syedaquib77
20 Mar 2025
58 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Actively exploited CVE : CVE-2025-24472
@transilienceai
20 Mar 2025
22 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
🔴 FortiOS, Authentication Bypass, #CVE-2025-24472 (Critical) https://t.co/B3nCMGjLX5
@dailycve
19 Mar 2025
4 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 Security Alert: CISA has issued a critical warning about a major vulnerability (CVE-2025-24472) in Fortinet’s FortiOS and FortiProxy systems. Remote attackers can exploit this flaw to gain super-admin access. 🔗 Read more: https://t.co/pJkREGY1By https://t.co/DZUfXOc8GU
@Hosainfosec
19 Mar 2025
48 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CISA warns: Fortinet FortiOS auth bypass (CVE-2025-24472) exploited in the wild. Patches out, but why bother? With WEBOUNCER, no patching, no updates—just instant protection. #Cybersecurity #WEBOUNCER #impenetrable https://t.co/PZKJp781A8 via @The_Cyber_News
@BrainLabVisions
19 Mar 2025
58 Impressions
0 Retweets
3 Likes
0 Bookmarks
0 Replies
1 Quote
Ransomware Alert! Fortinet Under Siege: New ransomware gang SuperBlack exploits CVE-2024-55591 & CVE-2025-24472! CVE-2024-55591 – An Authentication bypass vulnerability affecting Fortinet's FortiOS and FortiProxy products. This flaw allows remote attackers to gain super-adm
@Loginsoft_Inc
19 Mar 2025
79 Impressions
1 Retweet
1 Like
0 Bookmarks
0 Replies
0 Quotes
米国サイバーセキュリティ・社会基盤安全保障庁(CISA)が、既知の悪用された脆弱性カタログに、FortiOS/FortiProxyの認証回避CVE-2025-24472とGitHub Action tj-actions/changed-filesの悪性コードCVE-2025-30066を追加。対応期限は通常の4/8。Fortiはランサムウェア悪用済。 https://t.co/JQnPJmC90H
@__kokumoto
18 Mar 2025
1240 Impressions
4 Retweets
16 Likes
2 Bookmarks
1 Reply
0 Quotes
🛡️ We added vulnerabilities for Fortinet FortiOS & FortiProxy, CVE-2025-24472, and GitHub, CVE-2025-30066, to our Known Exploited Vulnerabilities Catalog. Visit https://t.co/bJOgGeWmb8 & apply mitigations to protect your org from cyberattacks. #Cybersecurity #InfoSec htt
@CISACyber
18 Mar 2025
11534 Impressions
58 Retweets
111 Likes
17 Bookmarks
5 Replies
4 Quotes
🚨 Hackers linked to LockBit are exploiting Fortinet firewall vulnerabilities (CVE-2024-55591 & CVE-2025-24472) to deploy the SuperBlack ransomware. 🔹 Data is exfiltrated before encryption 🔹 Strong ties to LockBit 3.0 ransomware 🔹 Unpatched orgs remain at risk 📌 Patch NOW
@the_aryanmittal
17 Mar 2025
52 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
New ransomware group Mora_001 is exploiting Fortinet vulnerabilities (CVE-2024-55591, CVE-2025-24472), linked to LockBit. Affected devices may face threats if not patched. 🚨 #Fortinet #Ransomware #USA link: https://t.co/ddxsXkSqYa https://t.co/Sbhk3dsM1c
@TweetThreatNews
17 Mar 2025
11 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
SuperBlack ransomware exploits Fortinet auth bypass flaws. The two vulnerabilities, both authentication bypasses, are CVE-2024-55591 and CVE-2025-24472, which Fortinet disclosed in January and February. https://t.co/D4e54UyCDn https://t.co/xjXCWZmSBr
@riskigy
16 Mar 2025
74 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Cyber Alert : "SuperBlack ransomware is crashing the party, sneaking through Fortinet firewall holes (CVE-2024-55591, CVE-2025-24472)! A sneaky Russian hacker’s behind it, turning cyber chaos up to 11. Patch those systems fast—don’t let this villain steal the show!" #cybercrime
@MohamedMar66543
16 Mar 2025
71 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Threat Alert: Recent Fortinet Vulnerabilities Exploited in 'SuperBlack' Ransomware Attacks CVE-2024-55591 CVE-2025-24472 CVE-2025-2447 Severity: 🔴 High Maturity: 💥 Mainstream Learn more: https://t.co/sg0tFeoYVO #CyberSecurity #ThreatIntel #InfoSec
@fletch_ai
15 Mar 2025
85 Impressions
0 Retweets
1 Like
0 Bookmarks
1 Reply
0 Quotes
⚠️ Vulnerability Alert: Authentication Bypass Vulnerabilities in Fortinet Firewalls 📅 Timeline: Disclosure: 2024-01-14, Patch: 2025-01-21 📌 Attribution: 🆔cveId: CVE-2024-55591, CVE-2025-24472 📊baseScore: 📏cvssMetrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H… https:
@syedaquib77
15 Mar 2025
34 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2024-55591 & CVE-2025-24472: Fortinet’s Double Vulnerability Nightmare https://t.co/vI63gkrOHW
@Dinosn
15 Mar 2025
5915 Impressions
39 Retweets
104 Likes
34 Bookmarks
0 Replies
1 Quote
CVE-2024-55591 & CVE-2025-24472: Fortinet's Double Vulnerability Nightmare Forescout researchers have identified a new ransomware group, dubbed Mora_001, exploiting two critical vulnerabilities in Fortinet products to gain unauthorized access to firewalls https://t.co/wwPp7i
@the_yellow_fall
15 Mar 2025
924 Impressions
4 Retweets
14 Likes
6 Bookmarks
0 Replies
1 Quote
SuperBlack Ransomware Targets Fortinet Flaws Hackers exploit Fortinet CVE-2024-55591 & CVE-2025-24472 to gain super_admin access, steal data & deploy SuperBlack ransomware 🛑 Linked to LockBit, it erases forensic traces with WipeBlack! Patch now!⚠️ https://t.co/q8dvOPU
@dCypherIO
14 Mar 2025
21 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
🗞️ SuperBlack Ransomware Exploits Fortinet Auth Bypass Flaws in Targeted Attacks The new SuperBlack ransomware is exploiting Fortinet auth bypass flaws (CVE-2025-24472) to hit unpatched firewalls, with Forescout linking it to LockBit tactics. Over 23K vulnerable devices remain…
@gossy_84
14 Mar 2025
60 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 SuperBlack ransomware is exploiting Fortinet vulnerabilities! 📌 CVE-2024-55591 & CVE-2025-24472 used for initial access 📌 Double extortion + custom wiper WipeBlack 📌 Uses LockBit’s leaked builder Patch your systems! Breaking news from the world &… https://t.co/ZF7G3
@godeepweb
14 Mar 2025
37 Impressions
0 Retweets
0 Likes
1 Bookmark
0 Replies
0 Quotes
Recent Fortinet Vulnerabilities Exploited in ‘SuperBlack’ Ransomware Attacks The newly discovered SuperBlack ransomware has been exploiting two vulnerabilities CVE-2024-55591 and CVE-2025-24472 in Fortinet firewalls. https://t.co/1TlLQtZmcC https://t.co/Pf5olgk4t6
@persistsec
14 Mar 2025
29 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
According to Forescout, SuperBlack ransomware is exploiting CVE-2024-55591 and CVE-2025-24472, which target FortiGate 7.0.X management interfaces patched in Jan 2025. My latest investigation found over 30K vulnerable servers worldwide (Mgmt interface exposed, no patch applied). h
@nekono_naha
14 Mar 2025
1333 Impressions
4 Retweets
9 Likes
4 Bookmarks
0 Replies
0 Quotes
2025年1月に修正されたFortiGate7.0.X系の管理画面を対象としたCVE-2024-55591、CVE-2025-24472を悪用したSuperBlackランサム攻撃をForescout社が報告。調査した所、本日時点でもグローバルで23K台、国内1K台超の脆弱サーバを発見。なお、管理画面閉鎖、パッチ適用済み機器でも以下のような極めて面倒… https://t.co/FYC5CH9Lqq https://t.co/kpJ4Cr5M7f
@nekono_naha
14 Mar 2025
3008 Impressions
8 Retweets
39 Likes
18 Bookmarks
0 Replies
1 Quote
A ransomware group, Mora_001, exploits Fortinet vulnerabilities CVE-2024-55591 and CVE-2025-24472 to deploy SuperBlack ransomware, with the latter confirmed exploited in attacks since February 2025, despite prior reassurances from Fortinet. #Security https://t.co/ARD6Z4X3bb
@Strivehawk
13 Mar 2025
65 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
#threatreport #LowCompleteness Flash Notice: CVE-2025-24472 Actively Exploited - Patch and Manage | 03-03-2025 Source: https://t.co/PsbNnmQd6Y Key details below ↓ 🎯Victims: Fortinet 🔓CVEs: CVE-2024-55591 \[[Vulners](https://t.co/cNWxPVNtLL)] - CVSS V3.1: *9.8*, -… https:/
@rst_cloud
3 Mar 2025
52 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 CVE-2025-24472 - Vulnerabilidad de Omisión de Autenticación en Fortinet FortiOS y FortiProxy 🚨 🟠 Nivel de Urgencia: Alto 📊 Puntuación CVSS: 8.1 https://t.co/3GluuG61k7
@BanCERT_gt
28 Feb 2025
25 Impressions
1 Retweet
2 Likes
0 Bookmarks
0 Replies
0 Quotes
ثغرة (CVE-2025-24472) Zeroday في #Fortinet 💥 أمثلة هجمات واقعية 1️⃣ مسح لأجهزة FortiOS و FortiProxy المكشوفة للإنترنت 2️⃣ استغلال للحصول على امتيازات المسؤول دون مصادقة 3️⃣ تثبيت باب خلفي وسرقة بيانات حساسة الاطلاع على الأجهزة المكشوفة مع Criminal IP⬇ https://t.co/1oJ6C0aEkS htt
@CriminalIP_AR
26 Feb 2025
40 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨#Fortinet FortiOS & FortiProxy 제로데이 취약점 (CVE-2025-24472) 관리자 인증 우회 가능! 공격자에게 시스템이 뚫릴 수 있습니다. 💥 실제 공격 사례 1️⃣ 인터넷에 노출된 FortiOS 및 FortiProxy 장비 스캔 2️⃣ 취약점을 악용해 인증 없이 관리자 권한 획득 3️⃣ 추가 확장을 위해 백도어 설치 및… https://t.co/lnU8VKrEk0 https://t.co/t8FxATG440
@CriminalIP_KR
26 Feb 2025
81 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨#Fortinet FortiOS & FortiProxyのゼロデイ脆弱性(CVE-2025-24472) 管理者認証をバイパス可能!攻撃者にシステムが突破される可能性があります。 💥 実際の攻撃事例 1️⃣ インターネットに公開されたFortiOS及びFortiProxy機器をスキャン 2️⃣ 脆弱性を悪用して認証なしで管理者権限を取得 3️⃣… https://t.co/PfKislj6UN https://t.co/lvAUH6BRpC
@CriminalIP_JP
26 Feb 2025
145 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 #Fortinet Zero-Day Vulnerability (CVE-2025-24472) in FortiOS & FortiProxy Admins beware! This flaw allows authentication bypass, putting systems at risk of takeover. 💥 Real-World Attack Scenario: 1️⃣ Scanning for exposed FortiOS & FortiProxydevices online 2️⃣ Exploit
@CriminalIP_US
25 Feb 2025
178 Impressions
1 Retweet
2 Likes
1 Bookmark
1 Reply
0 Quotes
🚨CVE-2025-24472: Vulnerabilidad crítica en Fortinet 🤯🥷🏴☠️ Descubre cómo funciona esta vulnerabilidad, su impacto y las medidas urgentes que debes tomar.👇🏻 https://t.co/dcfDgUP3Fh… #hacking #infosec #hackers #cybersecurity https://t.co/HHhpCAWGge
@FOREX_MAX_C_E_O
24 Feb 2025
3 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🔥 CVE-2025-24472: Authentication Bypass Crítico en FortiOS/FortiProxy Permite Toma de Control Total vía CSF Proxy https://t.co/eZU6QXSqhy
@tpx_Security
14 Feb 2025
135 Impressions
2 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
🚨 ALERTA DE SEGURANÇA 🚨 Falha crítica na Fortinet (CVE-2025-24472) permite acesso superadmin remoto em FortiGate e FortiProxy! 🛑 Atualize já! ✔️ FortiOS 7.0.0 → 7.0.16 ✔️ FortiProxy 7.0.0 → 7.0.19 | 7.2.0 → 7.2.12 🔹 Clientes IT Value já protegidos! 📞 (21) 2532-5236 https://
@ITValueC
13 Feb 2025
8 Impressions
0 Retweets
2 Likes
0 Bookmarks
0 Replies
0 Quotes
Fortinet has warned that attackers are exploiting a zero-day vulnerability (CVE-2025-24472) in FortiOS and FortiProxy to hijack firewalls, gaining super-admin access through crafted proxy requests. #CyberSecurity #Fortinet https://t.co/U6Y85xb2VX
@Cyber_O51NT
13 Feb 2025
107 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨FortiGate Vulnerability CVE-2025-24472 expands the vulnerability in FortiOS 7.0.0 to 7.0.16 discovered earlier this year and allows remote attackers to gain super-admin privileges. 👉Find out what to do now here: https://t.co/lPbEGgehMd https://t.co/SB1mOQtbuO
@OrangeCyberUK
12 Feb 2025
59 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 Alerta de segurança! Invasores estão explorando a vulnerabilidade CVE-2025-24472 do FortiOS e FortiProxy, possibilitando o sequestro de firewalls e acesso não autorizado a redes corporativas. Já aplicou as correções? Sua proteção depende disso! 🔒 #IncursioHack
@IncursioHack
12 Feb 2025
25 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Fortinet has issued a warning about threat actors exploiting a new zero-day vulnerability, tracked as CVE-2025-24472 (with a CVSS score of 8.1), in its FortiOS and FortiProxy products to hijack firewalls. https://t.co/KIQFssswbb
@VULNERAsecurity
12 Feb 2025
39 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Fortinet has disclosed CVE-2025-24472, a vulnerability fixed in January, not a zero-day. Only CVE-2024-55591 is actively exploited. Organizations should secure their FortiOS & FortiProxy firewalls. 🔒 #Fortinet #Vulnerability #USA link: https://t.co/oUDNrTOWvi https://t.co/G
@TweetThreatNews
12 Feb 2025
15 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
Fortinet has informed us that the new CVE-2025-24472 flaw added to FG-IR-24-535 today is not a zero-day and was already fixed in January, but not disclosed then. Furthermore, even though the current advisory states that the listed flaws were exploited in attacks and includes… ht
@BleepinComputer
12 Feb 2025
19370 Impressions
53 Retweets
164 Likes
39 Bookmarks
5 Replies
3 Quotes
Fortinet has informed us that the new CVE-2025-24472 flaw added to FG-IR-24-535 today is not a zero-day and was already fixed in January. Furthermore, even though the current advisory states that the listed flaws were exploited in attacks and includes workarounds, Fortinet says…
@BleepinComputer
12 Feb 2025
379 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
FortiOSとFortiProxyの一部のバージョンにおいて、「認証バイパス」(CWE-288)の脆弱性CVE-2025-24472, CVE-2024-55591 攻撃者はNode.jsのWebSocketモジュールまたはCSFのプロキシリクエストを利用したリクエストを送ることで、管理者(スーパーユーザー)権限を取得します。 https://t.co/npc0IB0htf
@t_nihonmatsu
12 Feb 2025
270 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
タイトル見てCVE-2025-24472 が また新しいFortiOSのゼロデイかと驚きましたが、先月から騒ぎになってるCVE-2024-55591と影響範囲や対策バージョンは同じですね。内部的な攻撃経路が異なるので違うCVEをアサインしたのだと思われます。先月分でパッチ済みなら対処不要です。 https://t.co/agESMYZmn2
@nekono_naha
12 Feb 2025
1933 Impressions
8 Retweets
29 Likes
7 Bookmarks
0 Replies
0 Quotes
Fortinetで新たなゼロデイ脆弱性(CVE-2025-24472) 過去の既知の脆弱性(CVE-2024-55591)も悪用しインターネットに公開されたファイアウォールの管理ポータルを狙い、不正アクセスを試みる高度な手法が用いられています。 #セキュリティ対策Lab #セキュリティ https://t.co/O0SvszeLXw
@securityLab_jp
12 Feb 2025
31 Impressions
1 Retweet
1 Like
0 Bookmarks
0 Replies
0 Quotes
Critical Authentication Bypass vulnerabilities in Fortinet FortiOS & FortiProxy exploited in the wild! CVE-2025-24472, CVE-2024-55591 Attackers can gain super-admin privileges 📌 Patch immediately! #CyberSecurity #Vulmon https://t.co/xkzq4Kuidx
@vulmoncom
11 Feb 2025
2997 Impressions
6 Retweets
6 Likes
4 Bookmarks
1 Reply
3 Quotes
🚨 CVE-2025-24472🚨 Critical Authentication Bypass in Fortinet FortiOS & FortiProxy exploited in the wild! Attackers can gain super-admin privileges 📌 Patch immediately to protect your systems! #CyberSecurity #Vulmon https://t.co/M6HYXtiWOD
@vulmoncom
11 Feb 2025
21 Impressions
1 Retweet
0 Likes
0 Bookmarks
1 Reply
0 Quotes
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "1B14CD59-F557-48A0-8458-BECD3AD7DB3A",
"versionEndExcluding": "7.0.20",
"versionStartIncluding": "7.0.0"
},
{
"criteria": "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "EDC18768-0891-465E-9900-3DF5D22A5CB3",
"versionEndExcluding": "7.2.13",
"versionStartIncluding": "7.2.0"
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "BD357034-B2FD-4C2E-97FE-2C54D686D885",
"versionEndExcluding": "7.0.17",
"versionStartIncluding": "7.0.0"
}
],
"operator": "OR"
}
]
}
]