Description

A key management errors vulnerability in Fortinet FortiAnalyzer 7.4.0 through 7.4.2, FortiAnalyzer 7.2.0 through 7.2.5, FortiAnalyzer 7.0 all versions, FortiAnalyzer 6.4 all versions, FortiManager 7.4.0 through 7.4.2, FortiManager 7.2.0 through 7.2.5, FortiManager 7.0 all versions, FortiManager 6.4 all versions, FortiOS 7.6.0, FortiOS 7.4.4, FortiOS 7.2.7, FortiOS 7.0.14, FortiPortal 6.0 all versions may allow an authenticated admin to retrieve a certificate's private key via the device's admin shell.

PUBLISHED | Reserved 2024-07-05 | Published 2025-12-11 | Updated 2025-12-11 | Assigner fortinet




MEDIUM: 5.9 | CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N/E:F/RL:U/RC:C

Problem types

Improper access control

Product status

Default status
unaffected

6.0.0 (semver)
affected

Default status
unaffected

7.4.0 (semver)
affected

7.2.0 (semver)
affected

7.0.0 (semver)
affected

6.4.0 (semver)
affected

Default status
unaffected

7.6.0
affected

7.4.4
affected

7.2.7
affected

7.0.14
affected

Default status
unaffected

7.4.0 (semver)
affected

7.2.0 (semver)
affected

7.0.0 (semver)
affected

6.4.0 (semver)
affected

References

fortiguard.fortinet.com/psirt/FG-IR-24-133

cve.org (CVE-2024-40593)

nvd.nist.gov (CVE-2024-40593)

Data based on CVE®. Copyright © 1999-2025, The MITRE Corporation. All rights reserved.