CNNVD-202510-1963 Information
CNNVD ID
CNNVD-202510-1963
Related CVE
- CNNVD Published: 2025-10-14
Description (Chinese)
Fortinet FortiAnalyzer是美国飞塔(Fortinet)公司的一套集中式网络安全报告解决方案。该产品主要用于收集网络日志数据,并通过报告套件对日志中的安全事件、网络流量、Web内容等进行分析、报告、归档操作。 Fortinet FortiAnalyzer存在竞争条件问题漏洞,该漏洞源于共享资源同步不当,可能导致竞争条件攻击。以下版本受到影响:7.6.0版本至7.6.2版本、7.4.0版本至7.4.6版本、7.2.0版本至7.2.10版本和7.0.13之前版本。
Description (English)
Fortinet FortiAnalyzer is a centralized network security reporting solution for Fortinet. The product is used primarily for the collection of web log data and for analysis, reporting and archiving of security incidents, network traffic, Web content, etc. in the logs through the reporting package. Fortinet FortiAnalyzer has a gap in competition conditions, which stems from the missynchronization of shared resources and may lead to competitive conditions attacks. The following versions were affected: 7.6.0 to 7.6.2, 7.4.0 to 7.4.6, 7.2.0 to 7.2.10 and pre-7.013.
Hazard Level
High
Vulnerability Type
竞争条件问题
Affected Vendor
飞塔
Published
2025-10-14
Last Modified
2026-02-24
References
https://fortiguard.fortinet.com/psirt/FG-IR-25-198 https://access.redhat.com/security/cve/cve-2025-54973 https://vigilance.fr/vulnerability/FortiAnalyzer-user-access-via-Concurrent-Execution-48568
Patch
https://fortiguard.fortinet.com/psirt/FG-IR-25-198
Share on: