A cleartext storage of sensitive information vulnerability in FortiOS command line interface in versions 6.2.4 and previous versions and FortiProxy 2.0.0, 1.2.9 and previous versions may allow an authenticated malicious user to obtain sensitive information such as users passwords by connecting to FortiGate CLI and executing the "diag sys ha checksum show" command.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
fortinet fortios |
||
fortinet fortiproxy 2.0.0 |
||
fortinet fortiproxy |