CVE-2025-22251 - CERT CVE

  1. CVE-2025-22251

ID CVE-2025-22251
Sažetak An improper restriction of communication channel to intended endpoints vulnerability [CWE-923] in FortiOS 7.6.0, 7.4.0 through 7.4.5, 7.2 all versions, 7.0 all versions, 6.4 all versions may allow an unauthenticated attacker to inject unauthorized sessions via crafted FGSP session synchronization packets.
Reference
CVSS
Base: 3.1
Impact: 1.4
Exploitability:1.6
Pristup
VektorSloženostAutentikacija
ADJACENT_NETWORK HIGH NONE
Impact
PovjerljivostCjelovitostDostupnost
NONE LOW NONE
CVSS vektor CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N
Zadnje važnije ažuriranje 12-06-2025 - 16:06
Objavljeno 10-06-2025 - 17:21