An Information Disclosure vulnerability in Fortinet FortiClient for Windows 5.6.0 and below versions, FortiClient for Mac OSX 5.6.0 and below versions and FortiClient SSLVPN Client for Linux 4.4.2334 and below versions allows regular users to see each other's VPN authentication credentials due to improperly secured storage locations.
References
Link | Resource |
---|---|
http://www.securityfocus.com/bid/102123 | Third Party Advisory VDB Entry |
https://fortiguard.com/advisory/FG-IR-17-214 | Mitigation Vendor Advisory |
Configurations
History
No history.
Information
Published : 2017-12-15 21:29
Updated : 2024-02-28 16:04
NVD link : CVE-2017-14184
Mitre link : CVE-2017-14184
CVE.ORG link : CVE-2017-14184
JSON object : View
Products Affected
fortinet
- forticlient
- forticlient_sslvpn_client
CWE
CWE-200
Exposure of Sensitive Information to an Unauthorized Actor