CNNVD-202510-1966 Information
CNNVD ID
CNNVD-202510-1966
Related CVE
- CNNVD Published: 2025-10-14
Description (Chinese)
Fortinet FortiAnalyzer是美国飞塔(Fortinet)公司的一套集中式网络安全报告解决方案。该产品主要用于收集网络日志数据,并通过报告套件对日志中的安全事件、网络流量、Web内容等进行分析、报告、归档操作。 Fortinet FortiAnalyzer 7.6.0版本至7.6.3版本和7.4.6之前版本存在授权问题漏洞,该漏洞源于身份验证不当,可能导致信息泄露或拒绝服务攻击。
Description (English)
Fortinet FortiAnalyzer is a centralized network security reporting solution for Fortinet. The product is used primarily for the collection of web log data and for analysis, reporting and archiving of security incidents, network traffic, Web content, etc. in the logs through the reporting package. Fortinet FortiAnalyzer versions 7.6.0 to 7.6.3 and previous versions 7.4.6 have a mandate gap, which stems from inappropriate identification, which may lead to information leaking or denial of service attacks.
Hazard Level
High
Vulnerability Type
授权问题
Affected Vendor
飞塔
Published
2025-10-14
Last Modified
2026-02-24
References
https://fortiguard.fortinet.com/psirt/FG-IR-25-378 https://access.redhat.com/security/cve/cve-2025-53845
Patch
https://fortiguard.fortinet.com/psirt/FG-IR-25-378
Share on: