CVE-2025-59923 | Teknoloji dünyasından en güncel haberleri ve güvenlikle ilgili gelişmeleri takip edin.

An improper access control vulnerability in Fortinet FortiAuthenticator 6.6.0 through 6.6.6, FortiAuthenticator 6.5 all versions, FortiAuthenticator 6.4 all ver…
Low CVSS: 2.7

CVE-2025-59923

An improper access control vulnerability in Fortinet FortiAuthenticator 6.6.0 through 6.6.6, FortiAuthenticator 6.5 all versions, FortiAuthenticator 6.4 all versions, FortiAuthenticator 6.3 all versions may allow an authenticated attacker with at least read-only admin permission to obtain the credentials of other administrators' messaging services via crafted requests.
Vendor
Fortinet
Product
Fortiauthenticator
CWE
CWE-284
Yayın Tarihi
2025-12-09 18:15:55
Güncelleme
2025-12-11 17:15:56
Source Identifier
psirt@fortinet.com
KEV Date Added
-

Kategoriler

CWE-284 Fortiauthenticator LOW Fortinet 2025

Referanslar

https://fortiguard.fortinet.com/psirt/FG-IR-25-616