PT-2023-6004 · Fortinet · FortiOS

Published: 2023-10-10 · Updated: 2023-10-12 · CVE-2023-37935

CVSS v2.0: 7.8 (High)
Vector: AV:N/AC:L/Au:N/C:C/I:N/A:N
Name of the Vulnerable Software and Affected Versions

Fortinet FortiOS versions 7.0.0 through 7.0.12
Fortinet FortiOS versions 7.2.0 through 7.2.5
Fortinet FortiOS version 7.4.0
Description

The issue is related to the use of the GET request method with sensitive query strings in Fortinet FortiOS. Because the credentials travel in the request URL, an attacker who can read the GET requests sent to remote services such as RDP or VNC can recover the plaintext passwords for those services. This is possible wherever request URLs are retained, for example in logs, Referer headers, or caches.
Recommendations

For Fortinet FortiOS versions 7.0.0 through 7.0.12: consider disabling the use of GET requests with sensitive query strings until a patch is available.
For Fortinet FortiOS versions 7.2.0 through 7.2.5: restrict access to the FortiOS SSL VPN component to minimize the risk of exploitation.
For Fortinet FortiOS version 7.4.0: avoid using sensitive query strings in GET requests to remote services until the issue is resolved.
As a temporary workaround, restrict access to logs, Referer headers, and caches that may contain sensitive information.
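The workaround above assumes that logs, Referer headers, and caches are where leaked query strings end up. A defender can check that assumption directly by scanning retained access or proxy logs for credentials carried in GET query strings and redacting them before the logs are stored or shared. The script below is an added example, not code from the advisory or from Fortinet: the log lines, the request path and the parameter names are constructed placeholders (they are not FortiOS's actual URLs or field names), and the set of "sensitive" parameter names is an assumed default that should be adjusted to the environment.

```python
"""Find and redact credentials carried in GET query strings in log lines.

Added example: flags the exposure pattern from the advisory (sensitive data in a
GET query string, visible in the request line and in Referer headers of a
combined-format access log) and returns a redacted copy of each line.
"""
import re
from urllib.parse import parse_qsl, urlencode, urlsplit, urlunsplit

# Assumed default set of sensitive parameter names; not FortiOS's own names.
SENSITIVE_PARAMS = {"password", "passwd", "pwd", "pass", "secret", "token", "api_key", "apikey"}

# Request-line portion of a combined-log-format entry: "GET /path?x=y HTTP/1.1"
REQUEST_RE = re.compile(r'"(?P<method>[A-Z]+) (?P<target>\S+) (?P<proto>HTTP/[0-9.]+)"')
# Quoted absolute URL, which is how the Referer field appears in the same format.
REFERER_RE = re.compile(r'"(?P<ref>https?://[^"\s]+)"')


def redact_target(target):
    """Return (redacted_target, leaked_param_names) for one URL or request target.

    Non-sensitive parameters are re-encoded by urlencode, so their percent-encoding
    may differ from the original; sensitive values are replaced with REDACTED.
    """
    parts = urlsplit(target)
    pairs = parse_qsl(parts.query, keep_blank_values=True)
    leaked, cleaned = [], []
    for key, value in pairs:
        if key.lower() in SENSITIVE_PARAMS:
            leaked.append(key)
            cleaned.append((key, "REDACTED"))
        else:
            cleaned.append((key, value))
    if not leaked:
        return target, []
    rebuilt = urlunsplit((parts.scheme, parts.netloc, parts.path, urlencode(cleaned), parts.fragment))
    return rebuilt, leaked


def scan_log_line(line):
    """Return (redacted_line, findings); findings are (where, param_name) tuples."""
    findings = []

    def fix_request(m):
        new_target, leaked = redact_target(m.group("target"))
        findings.extend(("request", p) for p in leaked)
        return f'"{m.group("method")} {new_target} {m.group("proto")}"'

    def fix_referer(m):
        new_ref, leaked = redact_target(m.group("ref"))
        findings.extend(("referer", p) for p in leaked)
        return f'"{new_ref}"'

    line = REQUEST_RE.sub(fix_request, line, count=1)
    line = REFERER_RE.sub(fix_referer, line)
    return line, findings


def scan_log(lines):
    """Scan many lines; return (redacted_lines, [(line_no, where, param_name), ...])."""
    redacted, findings = [], []
    for n, line in enumerate(lines, 1):
        new_line, found = scan_log_line(line)
        redacted.append(new_line)
        findings.extend((n, where, p) for where, p in found)
    return redacted, findings


# Constructed sample log lines; the bookmark path and parameters are placeholders.
SAMPLE_LOG = [
    '203.0.113.5 - - [10/Oct/2023:12:00:01 +0000] "GET /example-bookmark/rdp?host=10.0.0.8&username=alice&password=Hunter2%21 HTTP/1.1" 200 512 "-" "Mozilla/5.0"',
    '203.0.113.5 - - [10/Oct/2023:12:00:05 +0000] "GET /example-bookmark/vnc?host=10.0.0.9&pwd=s3cret HTTP/1.1" 200 512 "https://portal.example/launch?user=alice&password=Hunter2%21" "Mozilla/5.0"',
    '203.0.113.6 - - [10/Oct/2023:12:01:00 +0000] "GET /static/app.css HTTP/1.1" 200 2048 "-" "Mozilla/5.0"',
]

if __name__ == "__main__":
    cleaned_lines, hits = scan_log(SAMPLE_LOG)
    for n, where, param in hits:
        print(f"line {n}: sensitive parameter '{param}' found in {where}")
    print("\n".join(cleaned_lines))
```

Run against a real log file by feeding its lines to scan_log; the findings list is what to alert on (a non-empty result means plaintext credentials are already sitting in retained logs), and the redacted lines are what should be kept if the logs must be preserved.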

Related Identifiers

BDU:2023-06705
CVE-2023-37935

Affected Products

FortiOS