CNNVD-202602-1617 Information

CNNVD ID

CNNVD-202602-1617

Related CVE

CVE-2026-21743

• CNNVD Published: 2026-02-10

Description (Chinese)

Fortinet FortiAuthenticator是美国飞塔（Fortinet）公司的一款集中式的用户身份管理解决方案。 Fortinet FortiAuthenticator 6.6.0版本至6.6.6版本、6.5所有版本、6.4所有版本和6.3所有版本存在安全漏洞，该漏洞源于缺少授权检查，可能导致只读用户通过文件上传修改本地用户。

Description (English)

Fortinet FortiAutenticator is a centralized user identity management solution for Fortinet. There is a security loophole in Fortinet FortiOrticator 6.6.0 to 6.6.6, 6.5 to all, 6.4 to all and 6.3, which stems from a lack of authorization checks, which may lead to read-only users changing local users by uploading documents.

Vulnerability Type

其他

Affected Vendor

飞塔

Published

2026-02-10

Last Modified

2026-02-24

References

https://fortiguard.fortinet.com/psirt/FG-IR-25-528 https://access.redhat.com/security/cve/cve-2026-21743

Patch

https://fortiguard.fortinet.com/psirt/FG-IR-25-528