CVE-2025-22256

Name of the Vulnerable Software and Affected Versions Fortinet FortiPAM versions 1.0.0 through 1.4.1 Fortinet FortiSRA versions 1.4.0 through 1.4.1

Description The issue is related to improper handling of insufficient permissions or privileges, allowing for improper access control via specially crafted HTTP requests.

Recommendations For Fortinet FortiPAM versions 1.0.0 through 1.4.1, consider restricting access to sensitive areas of the application to minimize the risk of exploitation until a patch is available. For Fortinet FortiSRA versions 1.4.0 through 1.4.1, consider restricting access to sensitive areas of the application to minimize the risk of exploitation until a patch is available.