An exposure of sensitive information to an unauthorized actor vulnerability [CWE-200] in FortiClient for Windows 7.2.0, 7.0 all versions, 6.4 all versions, 6.2 all versions, Linux 7.2.0, 7.0 all versions, 6.4 all versions, 6.2 all versions and Mac 7.2.0 through 7.2.1, 7.0 all versions, 6.4 all versions, 6.2 all versions, may allow a local authenticated attacker with no Administrative privileges to retrieve the list of files or folders excluded from malware scanning.
References
| Link | Resource |
|---|---|
| https://fortiguard.com/psirt/FG-IR-22-235 | Vendor Advisory |
| https://fortiguard.com/psirt/FG-IR-22-235 | Vendor Advisory |
Configurations
Configuration 1 (hide)
|
History
21 Nov 2024, 08:12
| Type | Values Removed | Values Added |
|---|---|---|
| References | () https://fortiguard.com/psirt/FG-IR-22-235 - Vendor Advisory |
12 Oct 2023, 20:21
| Type | Values Removed | Values Added |
|---|---|---|
| CWE | NVD-CWE-noinfo | |
| CPE | cpe:2.3:a:fortinet:forticlient:*:*:*:*:*:linux:*:* cpe:2.3:a:fortinet:forticlient:*:*:*:*:*:macos:*:* cpe:2.3:a:fortinet:forticlient:*:*:*:*:*:windows:*:* cpe:2.3:a:fortinet:forticlient:7.2.0:*:*:*:*:macos:*:* cpe:2.3:a:fortinet:forticlient:7.2.1:*:*:*:*:macos:*:* cpe:2.3:a:fortinet:forticlient:7.2.0:*:*:*:*:windows:*:* cpe:2.3:a:fortinet:forticlient:7.2.0:*:*:*:*:linux:*:* |
|
| First Time |
Fortinet forticlient
Fortinet |
|
| CVSS |
v2 : v3 : |
v2 : unknown
v3 : 3.3 |
| References | (MISC) https://fortiguard.com/psirt/FG-IR-22-235 - Vendor Advisory |
10 Oct 2023, 17:52
| Type | Values Removed | Values Added |
|---|---|---|
| New CVE |
Information
Published : 2023-10-10 17:15
Updated : 2024-11-21 08:12
NVD link : CVE-2023-37939
Mitre link : CVE-2023-37939
CVE.ORG link : CVE-2023-37939
JSON object : View
Products Affected
fortinet
- forticlient
CWE