BugZero | Fortinet BugID 1070560 - Admin authentication bypass when configuring TACAC...

OPERATIONAL DEFECT DATABASE

...

BugZero | Fortinet BugID 1070560 - Admin authentication bypass when configuring TACAC...

Fortinet - Defect ID: 1070560

Admin authentication bypass when configuring TACACS server

Fortinet - Defect ID: 1070560

Admin authentication bypass when configuring TACACS server

Last updated on November 28th, 2024

BugZero Risk Score
8.0 High

Overall: 8.0

Lifecycle: 10.0

Community: 3.7

What is the BugZero Risk Score?

Fortinet Integration

Learn more about where this data comes from

Fortinet Integration

Learn more

Bug Scrub Advisor

Streamline upgrades with automated vendor bug scrubs

Bug Scrub Advisor

Learn more

BugZero Enterprise

Wish you caught this bug sooner? Get proactive today.

BugZero Enterprise

Learn more

Bug Details

Priority: Unspecified
Status: Fixed
Impacted Service: Common Vulnerabilities & ExposuresUser & Authentication

Description

Admin authentication bypass when configuring TACACS server. FortiOS7.4.8 no longer vulnerable to the following CVE:CVE-2025-22252 FortiOS 7.4.7 is no longer vulnerable to the following CVE: CVE-2025-22252

Change history

2024-11-28 Added: 7.4.7, 7.4.8, 7.6.1

Top Fortinet Defects

8.4Defect ID: 1139201
Internal resources are inaccessible via IP or FQDN when using agentless ZTNA Access proxy-portal with apptype web on FortiGate
8.1Defect ID: 1165424
The behaviour of the command diagnose ip router bgp <module> <enable | disable> is incorrect
8.0Defect ID: 1170210
FGT Wireless controller Wifi client cannot ping GW/FGT interface
8.0Defect ID: 1133589
HA cluster fails to form when FIPS-CC is enabled
8.0Defect ID: 1172922
SDN dynamic address synchronization flaps or fails when SDN connectors are frequently enabled and disabled

Fortinet Integration

Learn more about where this data comes from

Fortinet Integration

Learn more

Bug Scrub Advisor

Streamline upgrades with automated vendor bug scrubs

Bug Scrub Advisor

Learn more

BugZero Enterprise

Wish you caught this bug sooner? Get proactive today.

BugZero Enterprise

Learn more

Ready to prevent the next vendor outage?

Get a demo

OPERATIONAL DEFECT DATABASE

Fortinet - Defect ID: 1070560

Admin authentication bypass when configuring TACACS server

Fortinet - Defect ID: 1070560

Admin authentication bypass when configuring TACACS server

Last updated on November 28th, 2024

BugZero Risk Score8.0 High

Bug Details

Links

Top Fortinet Defects

Ready to prevent the next vendor outage?

BugZero Risk Score
8.0 High