CNNVD-202512-1214 Information
CNNVD ID
CNNVD-202512-1214
Related CVE
- CNNVD Published: 2025-12-09
Description (Chinese)
Fortinet FortiSOAR PaaS和Fortinet FortiSOAR on-premise都是美国飞塔(Fortinet)公司的一款安全编排、自动化和响应软件。 Fortinet FortiSOAR PaaS和Fortinet FortiSOAR on-premise存在访问控制错误漏洞,该漏洞源于访问控制不当,可能导致信息泄露。以下产品及版本受到影响:FortiSOAR PaaS 7.6.0版本至7.6.2版本、FortiSOAR PaaS 7.5.0版本至7.5.1版本、FortiSOAR PaaS 7.4所有版本、FortiSOAR PaaS 7.3所有版本、FortiSOAR on-premise 7.6.0版本至7.6.2版本、FortiSOAR on-premise 7.5.0版本至7.5.1版本、FortiSOAR on-premise 7.4所有版本和FortiSOAR on-premise 7.3所有版本。
Description (English)
Fortinet FortiSAAR Paas and Fortinet FortiSAAR on-premise are all United States Towers security, automation and response software. Fortinet FortiSAAR Paas and Fortinet FortiSAAR on-premise have access control errors, which stem from inappropriate access controls and may lead to the disclosure of information. The following products and versions have been affected: FortiSOAR PaaS 7.6.0 to 7.6.2; FortiSOAR PaaS 7.5.0 to 7.5.1; FortiSOAR PaaS 7.4 in all versions; FortiSAOAR PaaS 7.3 in all versions; FortiSAOAR on-premise 7.6.0 to 7.6.2, FortiSAOAR on-premise 7.5.0 to 7.5.1, FortiSOAR on-premise 7.4 and FortiSAOAR on-premise 7.3 in all versions.
Hazard Level
High
Vulnerability Type
访问控制错误
Affected Vendor
飞塔
Published
2025-12-09
Last Modified
2026-02-24
References
https://fortiguard.fortinet.com/psirt/FG-IR-25-601 https://access.redhat.com/security/cve/cve-2025-59810
Patch
https://fortiguard.fortinet.com/psirt/FG-IR-25-601
Share on: