CVE-2025-59921_CVE-2025-59921

6.2 / 10

MEDIUM

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:X/RC:C

Description

An exposure of sensitive information to an unauthorized actor vulnerability [CWE-200] in Fortinet FortiADC version 7.4.0, version 7.2.3 and below, version 7.1.4 and below, 7.0 all versions, 6.2 all versions may allow an authenticated attacker to obtain sensitive data via crafted HTTP or HTTPs requests.

Basic Information

ID CVE-2025-59921

Source fortinet

Published Oct 14, 2025 at 15:23

Affected Product

Vendor Fortinet

Product FortiADC

Version 7.4.0

Affected Versions Fortinet FortiADC 7.4.0
Fortinet FortiADC 7.2.0
Fortinet FortiADC 7.1.0
Fortinet FortiADC 7.0.0
Fortinet FortiADC 6.2.0

CWE Classification

CWE-200

References

fortiguard.fortinet.com /psirt/FG-IR-23-434

{
    "lastseen": "",
    "description": "An exposure of sensitive information to an unauthorized actor vulnerability [CWE-200] in Fortinet FortiADC version 7.4.0, version 7.2.3 and below, version 7.1.4 and below, 7.0 all versions, 6.2 all versions may allow an authenticated attacker to obtain sensitive data via crafted HTTP or HTTPs requests.",
    "published": "2025-10-14T15:23:42.754Z",
    "modified": "2025-10-14T15:23:42.754Z",
    "type": "cve",
    "title": "CVE-2025-59921",
    "source": "fortinet",
    "references": "https://fortiguard.fortinet.com/psirt/FG-IR-23-434",
    "id": "CVE-2025-59921",
    "bulletinFamily": "",
    "cwe": [
        "CWE-200"
    ],
    "cvelist": null,
    "sourceData": "Fortinet FortiADC 7.4.0\nFortinet FortiADC 7.2.0\nFortinet FortiADC 7.1.0\nFortinet FortiADC 7.0.0\nFortinet FortiADC 6.2.0",
    "sourceHref": "",
    "cvss": {
        "score": 6.2,
        "severity": "MEDIUM",
        "vector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:X/RC:C",
        "version": "3.1"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "FortiADC",
    "version": "7.4.0",
    "vendor": "Fortinet",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}