PT-2019-6279 · Fortinet · Fortianalyzer+2

Published: 2019-11-21 · Updated: 2025-10-24 · CVE-2019-6693

CVSS v2.0: 7.8 (High)

Vector: AV:N/AC:L/Au:N/C:C/I:N/A:N

Name of the Vulnerable Software and Affected Versions: FortiOS, FortiManager, and FortiAnalyzer (affected versions not specified)

Description: The vulnerability involves the use of a hard-coded cryptographic key to encrypt sensitive data within configuration backup files and CLI configurations. An attacker with access to these files can decrypt sensitive information, including user passwords (excluding the administrator's password), private key passphrases, and High Availability passwords.

Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Using Hardcoded Credentials

Weakness Enumeration

Related Identifiers

BDU:2022-06544
CVE-2019-6693

Affected Products

FortiAnalyzer
FortiManager
FortiOS