Dismissed
Permalink
CVE-2025-62631
5.3 MEDIUM
- CVSS version: 3.1
- Attack vector (AV): NETWORK
- Attack complexity (AC): HIGH
- Privileges required (PR): NONE
- User interaction (UI): NONE
- Scope (S): UNCHANGED
- Confidentiality impact (C): LOW
- Integrity impact (I): LOW
- Availability impact (A): LOW
by @LeSuisse Activity log
- Created automatic suggestion
-
@LeSuisse
removed
4 packages
- terraform-providers.fortios
- python312Packages.fortiosapi
- python313Packages.fortiosapi
- python314Packages.fortiosapi
- @LeSuisse dismissed
An insufficient session expiration vulnerability [CWE-613] in Fortinet FortiOS 7.4.0, …
An insufficient session expiration vulnerability [CWE-613] in Fortinet FortiOS 7.4.0, FortiOS 7.2 all versions, FortiOS 7.0 all versions, FortiOS 6.4 all versions allows attacker to maintain access to network resources via an active SSLVPN session not terminated after a user's password change under particular conditions outside of the attacker's control
References
Affected products
FortiOS
- =<7.0.19
- ==7.4.0
- =<7.2.11
- =<7.0.18
- =<6.4.16