An exposure of sensitive information to an unauthorized actor vulnerabiltiy [CWE-200] in FortiClient for Mac versions 7.0.0 up to and including 7.0.5 may allow a local authenticated malicious user to obtain the SSL-VPN password in cleartext via running a logstream for the FortiTray process in the terminal.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
fortinet forticlient |