PT-2018-6530 · Fortinet · Forticlient For Mac Osx+2
Published
2018-04-26
·
Updated
2020-05-11
·
CVE-2017-17543
CVSS v3.1
7.5
High
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N |
Name of the Vulnerable Software and Affected Versions:
FortiClient for Windows versions 5.6.0 and below
FortiClient for Mac OSX versions 5.6.0 and below
FortiClient SSLVPN Client for Linux versions 4.4.2335 and below
Description:
The issue concerns the unsafe encryption of users' VPN authentication credentials. This is due to the use of a static encryption key and weak encryption algorithms.
Recommendations:
For FortiClient for Windows versions 5.6.0 and below, update to a version above 5.6.0 to resolve the issue.
For FortiClient for Mac OSX versions 5.6.0 and below, update to a version above 5.6.0 to resolve the issue.
For FortiClient SSLVPN Client for Linux versions 4.4.2335 and below, update to a version above 4.4.2335 to resolve the issue.
Fix
Inadequate Encryption Strength
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Forticlient Sslvpn Client For Linux
Forticlient For Mac Osx
Forticlientwindows