CNNVD-202508-1254 Information
CNNVD ID
CNNVD-202508-1254
Related CVE
- CNNVD Published: 2025-08-12
Description (Chinese)
Fortinet FortiManager和Fortinet FortiManager Cloud都是美国飞塔(Fortinet)公司的产品。Fortinet FortiManager是一套集中化网络安全管理平台。该平台支持集中管理任意数量的Fortinet设备,并能够将设备分组到不同的管理域(ADOM)进一步简化多设备安全部署与管理。Fortinet FortiManager Cloud是一个基于云的网络管理软件。 Fortinet FortiManager和Fortinet FortiManager Cloud存在路径遍历漏洞,该漏洞源于路径遍历,可能导致覆盖任意文件。以下版本受到影响:FortiManager 7.6.0至7.6.1版本、7.4.0至7.4.5版本、7.2.0至7.2.9版本和7.0.13之前版本和FortiManager Cloud 7.6.0至7.6.1版本、7.4.0至7.4.5版本和7.2.9之前版本。
Description (English)
Fortinet FortiManager and Fortinet FortiManager Cloud are products of Fortinet. Fortinet FortiManager is a centralized network security management platform. The platform supports the central management of an arbitrary quantity of Fortinet equipment and is able to group the equipment into different management domains (ADOM) to further streamline the security deployment and management of multiple equipment. Fortinet FortiManager Cloud is a cloud-based web management software. Fortinet FortiManager and Fortinet FortiManager Cloud have a loophole in their path, which originates in the path through which they may cover any document. The following versions were affected: FortiManager, Versions 7.6.0 to 7.6.1, 7.4.0 to 7.4.5, Versions 7.2.0 to 7.2.9 and previous versions of 7.0.13 and fortiManager Cloud, Versions 7.6.0 to 7.6.1, Versions 7.4.0 to 7.4.5 and previous versions of 7.2.9.
Hazard Level
High
Vulnerability Type
路径遍历
Affected Vendor
飞塔
Published
2025-08-12
Last Modified
2026-02-24
References
https://fortiguard.fortinet.com/psirt/FG-IR-24-473 https://access.redhat.com/security/cve/cve-2024-52964
Patch
https://docs.fortinet.com/upgrade-tool/fortigate
Share on: