5.3
CVE-2025-67604
- EPSS 0.09%
- Published 12.05.2026 16:54:11
- Last modified 15.05.2026 14:03:47
- Source psirt@fortinet.com
A use of potentially dangerous function vulnerability in Fortinet FortiAnalyzer 7.6.0 through 7.6.4, FortiAnalyzer 7.4.0 through 7.4.8, FortiAnalyzer 7.2 all versions, FortiAnalyzer 7.0 all versions, FortiAnalyzer 6.4 all versions, FortiManager 7.6.0 through 7.6.4, FortiManager 7.4.0 through 7.4.8, FortiManager 7.2 all versions, FortiManager 7.0 all versions, FortiManager 6.4 all versions may allow an authenticated attacker to cause a system hang via multiple specially crafted HTTP requests causing crashes. This happens if internal locks are aligned, which is out of control of the attacker.
Data provided by the National Vulnerability Database (NVD)
Fortinet ≫ Fortianalyzer Version >= 7.2.0 <= 7.2.12
Fortinet ≫ Fortianalyzer Version >= 7.4.0 < 7.4.9
Fortinet ≫ Fortianalyzer Version >= 7.6.0 < 7.6.5
Fortinet ≫ Fortimanager Version >= 7.2.0 <= 7.2.12
Fortinet ≫ Fortimanager Version >= 7.4.0 < 7.4.9
Fortinet ≫ Fortimanager Version >= 7.6.0 < 7.6.5
VulnDex Vulnerability Enrichment
| Type | Source | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.09% | 0.261 |

| Source | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| psirt@fortinet.com | 5.3 | 1.6 | 3.6 | CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H |
CWE-676 Use of Potentially Dangerous Function
The product invokes a potentially dangerous function that could introduce a vulnerability if it is used incorrectly, but the function can also be used safely.