CNNVD-202512-1220 Information

CNNVD ID

CNNVD-202512-1220

Related CVE

CVE-2025-57823

• CNNVD Published: 2025-12-09

Description (Chinese)

Fortinet FortiAuthenticator是美国飞塔（Fortinet）公司的一款集中式的用户身份管理解决方案。 Fortinet FortiAuthenticator 6.6.0版本至6.6.6版本、6.5所有版本、6.4所有版本和6.3所有版本存在安全漏洞，该漏洞源于直接请求漏洞，可能导致读取和下载设备日志。

Description (English)

Fortinet FortiAutenticator is a centralized user identity management solution for Fortinet. There is a security loophole in Fortinet FortiOrticator 6.6.0 to 6.6.6, all 6.5, 6.4 and 6.3, which stems from a direct request loophole that may lead to reading and downloading the device log.

Hazard Level

Critical

Vulnerability Type

其他

Affected Vendor

飞塔

Published

2025-12-09

Last Modified

2026-02-24

References

https://fortiguard.fortinet.com/psirt/FG-IR-25-554 https://access.redhat.com/security/cve/cve-2025-57823

Patch

https://fortiguard.fortinet.com/psirt/FG-IR-25-554