A insertion of sensitive information into sent data in Fortinet FortiManager Cloud 7.4.1 through 7.4.3, FortiVoice 7.0.0 through 7.0.4, 6.4.0 through 6.4.9, 6.0.7 through 6.0.12, FortiMail 7.4.0 through 7.4.2, 7.2.0 through 7.2.6, 7.0.0 through 7.0.9, FortiOS 7.6.0, 7.4.0 through 7.4.4, 7.2.0 through 7.2.8, 7.0.0 through 7.0.15, 6.4.0 through 6.4.15, 6.2.0 through 6.2.17, 6.0.0 through 6.0.18, FortiWeb 7.6.0, 7.4.0 through 7.4.4, 7.2.0 through 7.2.11, 7.0.0 through 7.0.11, 6.4.0 through 6.4.3, FortiRecorder 7.2.0 through 7.2.1, 7.0.0 through 7.0.4, FortiNDR 7.6.0 through 7.6.1, 7.4.0 through 7.4.8, 7.2.0 through 7.2.5, 7.1.0 through 7.1.1, 7.0.0 through 7.0.7, 1.5.0 through 1.5.3, FortiPAM 1.3.0 through 1.3.1, 1.2.0, 1.1.0 through 1.1.2, 1.0.0 through 1.0.3, FortiTester 7.4.0 through 7.4.2, 7.3.0 through 7.3.2, 7.2.0 through 7.2.3, 7.1.0 through 7.1.1, 7.0.0, 4.2.0 through 4.2.1, FortiProxy 7.4.0 through 7.4.4, 7.2.0 through 7.2.10, 7.0.0 through 7.0.21, 2.0.0 through 2.0.14, 1.2.0 through 1.2.13, 1.1.0 through 1.1.6, 1.0.0 through 1.0.7, FortiManager 7.6.0 through 7.6.1, 7.4.1 through 7.4.3 allows attacker to disclose sensitive information via specially crafted packets.
2025-10-14T16:15:35.327
2025-10-15T17:36:57.413
Analyzed
CVSSv3.1: 4.3 (MEDIUM)
| Type | Vendor | Product | Version/Range | Vulnerable? |
|---|---|---|---|---|
| Application | fortinet | fortimail | < 7.2.7 | Yes |
| Application | fortinet | fortimail | < 7.4.3 | Yes |
| Application | fortinet | fortimanager | < 7.4.4 | Yes |
| Application | fortinet | fortimanager | < 7.6.2 | Yes |
| Application | fortinet | fortimanager_cloud | < 7.4.4 | Yes |
| Application | fortinet | fortindr | < 7.4.9 | Yes |
| Application | fortinet | fortindr | ≤ 7.6.2 | Yes |
| Operating System | fortinet | fortios | < 6.4.16 | Yes |
| Operating System | fortinet | fortios | < 7.0.16 | Yes |
| Operating System | fortinet | fortios | < 7.2.9 | Yes |
| Operating System | fortinet | fortios | < 7.4.5 | Yes |
| Operating System | fortinet | fortios | 7.6.0 | Yes |
| Operating System | fortinet | fortipam | ≤ 1.3.1 | Yes |
| Application | fortinet | fortiproxy | < 7.2.11 | Yes |
| Application | fortinet | fortiproxy | < 7.4.5 | Yes |
| Application | fortinet | fortirecorder | < 7.0.5 | Yes |
| Application | fortinet | fortirecorder | < 7.2.2 | Yes |
| Application | fortinet | fortisase | 24.3.20 | Yes |
| Application | fortinet | fortitester | < 7.4.3 | Yes |
| Application | fortinet | fortivoice | < 6.4.10 | Yes |
| Application | fortinet | fortivoice | < 7.0.5 | Yes |
| Application | fortinet | fortiweb | < 7.4.5 | Yes |
| Application | fortinet | fortiweb | 7.6.0 | Yes |