CNNVD-202510-1971 Information
CNNVD ID
CNNVD-202510-1971
Related CVE
- CNNVD Published: 2025-10-14
Description (Chinese)
Fortinet FortiOS是美国飞塔(Fortinet)公司的一套专用于FortiGate网络安全平台上的安全操作系统。该系统为用户提供防火墙、防病毒、IPSec/SSLVPN、Web内容过滤和反垃圾邮件等多种安全功能。 Fortinet FortiOS存在日志信息泄露漏洞,该漏洞源于将敏感信息插入日志文件,可能导致攻击者检索敏感2FA相关信息。以下版本受到影响:7.6.0版本至7.6.3版本、7.4所有版本、7.2所有版本、7.0所有版本和6.4所有版本。
Description (English)
Fortinet FortiOS is a security operating system dedicated to the FortiGate network security platform of the United States of America. The system provides a wide range of security features for users, including firewalls, anti-virus, IPSEc/SSLVPN, Web content filters and anti-spam. Fortinet FortiOS has a leak in log information, which stems from the insertion of sensitive information into log files and may lead to the search of sensitive 2FA information by the assailant. The following versions were affected: 7.6.0 to 7.6.3, 7.4 all versions, 7.2 all versions, 7.0 all versions and 6.4 all versions.
Hazard Level
Critical
Vulnerability Type
日志信息泄露
Affected Vendor
飞塔
Published
2025-10-14
Last Modified
2026-02-24
References
https://fortiguard.fortinet.com/psirt/FG-IR-24-452 https://vigilance.fr/vulnerability/FortiOS-logged-sensitive-information-via-Debug-Command-48451 https://access.redhat.com/security/cve/cve-2025-31514
Patch
https://fortiguard.fortinet.com/psirt/FG-IR-24-452
Share on: