CVE-2025-61713
published 2025-11-18CVE-2025-61713: A Cleartext Storage of Sensitive Information in Memory vulnerability [CWE-316] in Fortinet FortiPAM 1.6.0, FortiPAM 1.5 all versions, FortiPAM 1.4 all…
medium4.4CVSS 3.1
AVLACLPRHUINSUCHINAN
A Cleartext Storage of Sensitive Information in Memory vulnerability [CWE-316] in Fortinet FortiPAM 1.6.0, FortiPAM 1.5 all versions, FortiPAM 1.4 all versions, FortiPAM 1.3 all versions, FortiPAM 1.2 all versions, FortiPAM 1.1 all versions, FortiPAM 1.0 all versions may allow an authenticated attacker with read-write admin privileges to the CLI to obtain other administrators' credentials via diagnose commands.
Affected
10 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| fortinet | fortinet | — | — |
| fortinet | fortipam | — | — |
| fortinet | fortipam | — | — |
| fortinet | fortipam | — | — |
| fortinet | fortipam | >= 1.0.0 < 1.6.1 | 1.6.1 |
| fortinet | fortipam | 1.0.0 – 1.0.3 | — |
| fortinet | fortipam | 1.1.0 – 1.1.2 | — |
| fortinet | fortipam | 1.3.0 – 1.3.1 | — |
| fortinet | fortipam | 1.4.0 – 1.4.3 | — |
| fortinet | fortipam | 1.5.0 – 1.5.1 | — |