PT-2017-13293 · Fortinet · Forticlient For Mac Osx+2
Published
2017-12-15
·
Updated
2020-05-11
·
CVE-2017-14184
CVSS v3.1
8.8
High
| Vector | AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
FortiClient for Windows versions 5.6.0 and below
FortiClient for Mac OSX versions 5.6.0 and below
FortiClient SSLVPN Client for Linux versions 4.4.2334 and below
Description
An Information Disclosure issue allows regular users to see each other's VPN authentication credentials due to improperly secured storage locations.
Recommendations
For FortiClient for Windows versions 5.6.0 and below, update to a version above 5.6.0 to resolve the issue.
For FortiClient for Mac OSX versions 5.6.0 and below, update to a version above 5.6.0 to resolve the issue.
For FortiClient SSLVPN Client for Linux versions 4.4.2334 and below, update to a version above 4.4.2334 to resolve the issue.
Fix
Information Disclosure
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Forticlient Sslvpn Client For Linux
Forticlient For Mac Osx
Forticlientwindows