Lucene search
FortinetCVELIST:CVE-2017-17543HistoryDec 07, 2017 - 12:00 a.m.
CVE-2017-17543
2017-12-0700:00:00
fortinet
www.cve.org
1
0.001 Low
EPSS
Percentile
43.6%
Usersβ VPN authentication credentials are unsafely encrypted in Fortinet FortiClient for Windows 5.6.0 and below versions, FortiClient for Mac OSX 5.6.0 and below versions and FortiClient SSLVPN Client for Linux 4.4.2335 and below versions, due to the use of a static encryption key and weak encryption algorithms.
CNA Affected
[
{
"product": "FortiClient for Windows",
"vendor": "Fortinet, Inc.",
"versions": [
{
"status": "affected",
"version": "5.6.0 and below versions"
}
]
},
{
"product": "FortiClient for Mac OSX",
"vendor": "Fortinet, Inc.",
"versions": [
{
"status": "affected",
"version": "5.6.0 and below versions"
}
]
},
{
"product": "FortiClient SSLVPN Client for Linux",
"vendor": "Fortinet, Inc.",
"versions": [
{
"status": "affected",
"version": "4.4.2335 and below versions"
}
]
}
]References
Related
cve
cve
CVE-2017-17543
2018-04-26 20:29:00
nvd
nvd
CVE-2017-17543
2018-04-26 20:29:00
prion
prion
Authentication flaw
2018-04-26 20:29:00
fortinet
fortinet
FortiClient insecure VPN credential storage and encryption
2018-04-20 00:00:00