1. Home
  2. CVE Database
  3. CVE-2025-68482
MEDIUM · 6.9

CVE-2025-68482

A improper certificate validation vulnerability in Fortinet FortiAnalyzer 7.6.0 through 7.6.4, FortiAnalyzer 7.4.0 through 7.4.8, FortiAnalyzer 7.2 all versions, FortiAnalyzer 7.0 all versions, FortiA...

Vulnerability Description

A improper certificate validation vulnerability in Fortinet FortiAnalyzer 7.6.0 through 7.6.4, FortiAnalyzer 7.4.0 through 7.4.8, FortiAnalyzer 7.2 all versions, FortiAnalyzer 7.0 all versions, FortiAnalyzer 6.4 all versions, FortiManager 7.6.0 through 7.6.4, FortiManager 7.4.0 through 7.4.8, FortiManager 7.2 all versions, FortiManager 7.0 all versions, FortiManager 6.4 all versions may allow a remote unauthenticated attacker to view confidential information via a man in the middle [MiTM] attack.

CVSS Score

6.9

MEDIUM

CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality
HIGH
Integrity
LOW
Availability
NONE

Affected Products

VendorProductVersions
FortinetFortimanager>= 6.4.0, < 7.4.9
FortinetFortianalyzer>= 6.4.0, < 7.4.9

Related Weaknesses (CWE)

CWE-295

References

FAQ

What is CVE-2025-68482?

CVE-2025-68482 is a vulnerability with a CVSS score of 6.9 (MEDIUM). A improper certificate validation vulnerability in Fortinet FortiAnalyzer 7.6.0 through 7.6.4, FortiAnalyzer 7.4.0 through 7.4.8, FortiAnalyzer 7.2 all versions, FortiAnalyzer 7.0 all versions, FortiA...

How severe is CVE-2025-68482?

CVE-2025-68482 has been rated MEDIUM with a CVSS base score of 6.9/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2025-68482?

Check the references section above for vendor advisories and patch information. Affected products include: Fortinet Fortimanager, Fortinet Fortianalyzer.