← Back

CVE-2025-59921

nvd nist
Published: Oct 14, 2025Modified: Oct 16, 2025

JSON object

Loading...
6.5
Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Exploitability: 2.8 / Impact: 3.6
Source: psirt@fortinet.com (Secondary)

Description

An exposure of sensitive information to an unauthorized actor vulnerability [CWE-200] in Fortinet FortiADC version 7.4.0, version 7.2.3 and below, version 7.1.4 and below, 7.0 all versions, 6.2 all versions may allow an authenticated attacker to obtain sensitive data via crafted HTTP or HTTPs requests.

Affected (3)

Products: Fortinet: Fortiadc
Fortinet
1 product
Fortiadc
Configuration A
3 vulnerable
Vulnerable SoftwareAffected Versions
Fortinet
Fortiadc
From 6.2.0 to 7.1.5
Fortiadc
From 7.2.0 to 7.2.4
Fortiadc
Version 7.4.0

Related CWEs

CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

References (1)

Source: psirt@fortinet.com
Broken Link

Timeline

No history available yet.