An exposure of sensitive system information to an unauthorized control sphere vulnerability [CWE-497] in FortiManager versions before 7.0.2, 6.4.7 and 6.2.9 may allow a low privileged authenticated user to gain access to the FortiGate users credentials via the config conflict file.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
fortinet fortimanager |