VYPR
Unrated severityNVD Advisory· Published Jun 10, 2025· Updated Jun 10, 2025

CVE-2025-22256

CVE-2025-22256

Description

A improper handling of insufficient permissions or privileges in Fortinet FortiPAM 1.4.0 through 1.4.1, 1.3.0, 1.2.0, 1.1.0 through 1.1.2, 1.0.0 through 1.0.3, FortiSRA 1.4.0 through 1.4.1 allows attacker to improper access control via specially crafted HTTP requests

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

4
  • Fortinet/FortiSRAcpe-rescue2 versions
    cpe:2.3:a:fortinet:fortisra:1.4.1:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:a:fortinet:fortisra:1.4.1:*:*:*:*:*:*:*range: 1.4.0
    • (no CPE)range: 1.4.0 through 1.4.1
  • Fortinet/Fortipamv52 versions
    cpe:2.3:o:fortinet:fortipam:1.4.1:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:o:fortinet:fortipam:1.4.1:*:*:*:*:*:*:*range: 1.4.0
    • (no CPE)range: 1.4.0 through 1.4.1, 1.3.0, 1.2.0, 1.1.0 through 1.1.2, 1.0.0 through 1.0.3

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.