CNNVD-202512-1215 Information
CNNVD ID
CNNVD-202512-1215
Related CVE
- CNNVD Published: 2025-12-09
Description (Chinese)
Fortinet FortiSOAR PaaS和Fortinet FortiSOAR on-premise都是美国飞塔(Fortinet)公司的一款安全编排、自动化和响应软件。 Fortinet FortiSOAR PaaS和Fortinet FortiSOAR on-premise存在安全漏洞,该漏洞源于密码更改验证不足,可能导致重置账户凭据。以下产品及版本受到影响:FortiSOAR PaaS 7.6.0版本至7.6.2版本、FortiSOAR PaaS 7.5.0版本至7.5.1版本、FortiSOAR PaaS 7.4所有版本、FortiSOAR PaaS 7.3所有版本、FortiSOAR on-premise 7.6.0版本至7.6.2版本、FortiSOAR on-premise 7.5.0版本至7.5.1版本、FortiSOAR on-premise 7.4所有版本和FortiSOAR on-premise 7.3所有版本。
Description (English)
Fortinet FortiSAAR Paas and Fortinet FortiSAAR on-premise are all United States Towers security, automation and response software. Fortinet FortiSAAR Paas and Fortinet FortiSAAR on-premise had a security loophole, which stemmed from inadequate password change verification, which could lead to the replacement of the account. The following products and versions have been affected: FortiSOAR PaaS 7.6.0 to 7.6.2; FortiSOAR PaaS 7.5.0 to 7.5.1; FortiSOAR PaaS 7.4 in all versions; FortiSAOAR PaaS 7.3 in all versions; FortiSAOAR on-premise 7.6.0 to 7.6.2, FortiSAOAR on-premise 7.5.0 to 7.5.1, FortiSOAR on-premise 7.4 and FortiSAOAR on-premise 7.3 in all versions.
Hazard Level
High
Vulnerability Type
其他
Affected Vendor
飞塔
Published
2025-12-09
Last Modified
2026-02-24
References
https://fortiguard.fortinet.com/psirt/FG-IR-25-599
Patch
https://fortiguard.fortinet.com/psirt/FG-IR-25-599
Share on: