Lucene search
FortinetCVELIST:CVE-2017-7738HistoryDec 13, 2017 - 10:00 p.m.
CVE-2017-7738
2017-12-1322:00:00
fortinet
www.cve.org
4
An Information Disclosure vulnerability in Fortinet FortiOS 5.6.0 to 5.6.2, 5.4.0 to 5.4.5, 5.2 and below versions allow an admin user with super_admin privileges to view the current SSL VPN web portal session info which may contains user credentials through the fnsysctl CLI command.
CNA Affected
[
{
"product": "FortiOS",
"vendor": "Fortinet, Inc.",
"versions": [
{
"status": "affected",
"version": "5.6.0 to 5.6.2"
},
{
"status": "affected",
"version": "5.4.0 to 5.4.5"
},
{
"status": "affected",
"version": "5.2 and below"
}
]
}
]Related
nvd
nvd
CVE-2017-7738
2017-12-13 22:29:00
prion
prion
Information disclosure
2017-12-13 22:29:00
fortinet
fortinet
SSL VPN Web Portal user credentials may be leaked to super_admins
2017-12-08 00:00:00
cve
cve
CVE-2017-7738
2017-12-13 22:29:00
