CNNVD-202512-1213 Information

CNNVD ID

CNNVD-202512-1213

Related CVE

CVE-2025-59923

• CNNVD Published: 2025-12-09

Description (Chinese)

Fortinet FortiAuthenticator是美国飞塔（Fortinet）公司的一款集中式的用户身份管理解决方案。 Fortinet FortiAuthenticator 6.6.0版本至6.6.4版本、6.5所有版本、6.4所有版本和6.3所有版本存在访问控制错误漏洞，该漏洞源于访问控制不当，可能导致获取其他管理员凭据。

Description (English)

Fortinet FortiAutenticator is a centralized user identity management solution for Fortinet. Fortinet FortiAutentctor 6.6.0 to 6.6.4, all version 6.5, all version 6.4 and all version 6.3 have access control error gaps, which stem from inappropriate access controls and may lead to access to other administrators.

Hazard Level

Critical

Vulnerability Type

访问控制错误

Affected Vendor

飞塔

Published

2025-12-09

Last Modified

2026-02-24

References

https://fortiguard.fortinet.com/psirt/FG-IR-25-616 https://access.redhat.com/security/cve/cve-2025-59923

Patch

https://fortiguard.fortinet.com/psirt/FG-IR-25-616