An exposure of sensitive information to an unauthorized actor vulnerability [CWE-200] in FortiClientEMS versions 7.0.0 up to and including 7.0.4, 7.0.6 up to and including 7.0.7, in all 6.4 and 6.2 version management interface may allow an unauthenticated malicious user to gain information on environment variables such as the EMS installation path.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
fortinet forticlient endpoint management server |