4.3
CVE-2025-31514
- EPSS 0.34%
- Veröffentlicht 14.10.2025 15:23:52
- Zuletzt bearbeitet 09.06.2026 16:16:34
- Quelle psirt@fortinet.com
- CVE-Watchlists
- Unerledigt
A insertion of sensitive information into log file vulnerability in Fortinet FortiOS 7.6.0 through 7.6.3, FortiOS 7.4 all versions, FortiOS 7.2 all versions, FortiOS 7.0 all versions, FortiOS 6.4 all versions, FortiProxy 7.6.0 through 7.6.3, FortiProxy 7.4.0 through 7.4.13, FortiProxy 7.2 all versions, FortiProxy 7.0 all versions may allow attacker to information disclosure via <insert attack vector here>
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Fortinet ≫ FortiProxy Version >= 7.0.0 < 7.6.4
VulnDex Vulnerability Enrichment
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.34% | 0.257 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 4.3 | 2.8 | 1.4 |
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
|
| psirt@fortinet.com | 2.7 | 1.2 | 1.4 |
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N
|
CWE-532 Insertion of Sensitive Information into Log File
The product writes sensitive information to a log file.
https://fortiguard.fortinet.com/psirt/FG-IR-24-452
https://cert-portal.siemens.com/productcert/html/ssa-864900.html