Fortipam

5 CVEs product

Monthly

Sort: Newest CVSS Score EPSS Score Oldest
CVE-2025-61713 MEDIUM Monitor

A Cleartext Storage of Sensitive Information in Memory vulnerability [CWE-316] in Fortinet FortiPAM 1.6.0, FortiPAM 1.5 all versions, FortiPAM 1.4 all versions, FortiPAM 1.3 all versions, FortiPAM. Rated medium severity (CVSS 4.2), this vulnerability is low attack complexity. No vendor patch available.

Fortinet Information Disclosure Fortipam
NVD
CVSS 3.1
4.2
EPSS
0.0%
CVE-2025-54821 LOW Monitor

An Improper Privilege Management vulnerability [CWE-269] vulnerability in Fortinet FortiOS 7.6.0 through 7.6.3, FortiOS 7.4 all versions, FortiOS 7.2 all versions, FortiOS 7.0 all versions, FortiOS. Rated low severity (CVSS 1.9). No vendor patch available.

Fortinet Privilege Escalation Fortiproxy Fortipam Fortios
NVD
CVSS 3.1
1.9
EPSS
0.0%
CVE-2025-25248 MEDIUM This Month

An Integer Overflow or Wraparound vulnerability [CWE-190] in FortiOS version 7.6.2 and below, version 7.4.7 and below, version 7.2.10 and below, 7.2 all versions, 6.4 all versions, FortiProxy version. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable. No vendor patch available.

Buffer Overflow Fortinet Integer Overflow Fortios Fortipam +1
NVD
CVSS 3.1
5.3
EPSS
0.0%
CVE-2024-26009 HIGH CERT-EU This Month

An authentication bypass using an alternate path or channel [CWE-288] vulnerability in Fortinet FortiOS version 6.4.0 through 6.4.15 and before 6.2.16, FortiProxy version 7.4.0 through 7.4.2, 7.2.0. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Authentication Bypass Fortinet Fortiswitchmanager Fortiproxy Fortipam +1
NVD
CVSS 3.1
8.1
EPSS
0.1%
CVE-2025-22256 MEDIUM This Month

A security vulnerability in Fortinet FortiPAM 1.4.0 (CVSS 6.3) that allows attacker. Remediation should follow standard vulnerability management procedures.

Fortinet Information Disclosure Fortipam Fortisra
NVD
CVSS 3.1
6.3
EPSS
0.0%
CVE-2025-61713
EPSS 0% CVSS 4.2
MEDIUM Monitor

A Cleartext Storage of Sensitive Information in Memory vulnerability [CWE-316] in Fortinet FortiPAM 1.6.0, FortiPAM 1.5 all versions, FortiPAM 1.4 all versions, FortiPAM 1.3 all versions, FortiPAM. Rated medium severity (CVSS 4.2), this vulnerability is low attack complexity. No vendor patch available.

Fortinet Information Disclosure Fortipam
NVD
CVE-2025-54821
EPSS 0% CVSS 1.9
LOW Monitor

An Improper Privilege Management vulnerability [CWE-269] vulnerability in Fortinet FortiOS 7.6.0 through 7.6.3, FortiOS 7.4 all versions, FortiOS 7.2 all versions, FortiOS 7.0 all versions, FortiOS. Rated low severity (CVSS 1.9). No vendor patch available.

Fortinet Privilege Escalation Fortiproxy +2
NVD
CVE-2025-25248
EPSS 0% CVSS 5.3
MEDIUM This Month

An Integer Overflow or Wraparound vulnerability [CWE-190] in FortiOS version 7.6.2 and below, version 7.4.7 and below, version 7.2.10 and below, 7.2 all versions, 6.4 all versions, FortiProxy version. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable. No vendor patch available.

Buffer Overflow Fortinet Integer Overflow +3
NVD
CVE-2024-26009
EPSS 0% CVSS 8.1
HIGH This Month

An authentication bypass using an alternate path or channel [CWE-288] vulnerability in Fortinet FortiOS version 6.4.0 through 6.4.15 and before 6.2.16, FortiProxy version 7.4.0 through 7.4.2, 7.2.0. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Authentication Bypass Fortinet Fortiswitchmanager +3
NVD
CVE-2025-22256
EPSS 0% CVSS 6.3
MEDIUM This Month

A security vulnerability in Fortinet FortiPAM 1.4.0 (CVSS 6.3) that allows attacker. Remediation should follow standard vulnerability management procedures.

Fortinet Information Disclosure Fortipam +1
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy