CVE-2025-61713_CVE-2025-61713

3.8 / 10

LOW

CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C

Description

A Cleartext Storage of Sensitive Information in Memory vulnerability [CWE-316] in Fortinet FortiPAM 1.6.0, FortiPAM 1.5 all versions, FortiPAM 1.4 all versions, FortiPAM 1.3 all versions, FortiPAM 1.2 all versions, FortiPAM 1.1 all versions, FortiPAM 1.0 all versions may allow an authenticated attacker with read-write admin privileges to the CLI to obtain other administrators' credentials via diagnose commands.

Basic Information

ID CVE-2025-61713

Source fortinet

Published Nov 18, 2025 at 17:01

Modified Nov 18, 2025 at 19:10

Affected Product

Vendor Fortinet

Product FortiPAM

Version 1.6.0

Affected Versions Fortinet FortiPAM 1.6.0
Fortinet FortiPAM 1.5.0
Fortinet FortiPAM 1.4.0
Fortinet FortiPAM 1.3.0
Fortinet FortiPAM 1.2.0
Fortinet FortiPAM 1.1.0
Fortinet FortiPAM 1.0.0

CWE Classification

CWE-316

References

fortiguard.fortinet.com /psirt/FG-IR-25-789

{
    "lastseen": "",
    "description": "A Cleartext Storage of Sensitive Information in Memory vulnerability [CWE-316] in Fortinet FortiPAM 1.6.0, FortiPAM 1.5 all versions, FortiPAM 1.4 all versions, FortiPAM 1.3 all versions, FortiPAM 1.2 all versions, FortiPAM 1.1 all versions, FortiPAM 1.0 all versions may allow an authenticated attacker with read-write admin privileges to the CLI to obtain other administrators' credentials via diagnose commands.",
    "published": "2025-11-18T17:01:18.529Z",
    "modified": "2025-11-18T19:10:33.592Z",
    "type": "cve",
    "title": "CVE-2025-61713",
    "source": "fortinet",
    "references": "https://fortiguard.fortinet.com/psirt/FG-IR-25-789",
    "id": "CVE-2025-61713",
    "bulletinFamily": "",
    "cwe": [
        "CWE-316"
    ],
    "cvelist": null,
    "sourceData": "Fortinet FortiPAM 1.6.0\nFortinet FortiPAM 1.5.0\nFortinet FortiPAM 1.4.0\nFortinet FortiPAM 1.3.0\nFortinet FortiPAM 1.2.0\nFortinet FortiPAM 1.1.0\nFortinet FortiPAM 1.0.0",
    "sourceHref": "",
    "cvss": {
        "score": 3.8,
        "severity": "LOW",
        "vector": "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C",
        "version": "3.1"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "FortiPAM",
    "version": "1.6.0",
    "vendor": "Fortinet",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}