Lucene search
China National Vulnerability DatabaseCNVD-2023-98183HistoryNov 17, 2023 - 12:00 a.m.
Fortinet FortiClient Hardcoding Vulnerability
2023-11-1700:00:00
China National Vulnerability Database
www.cnvd.org.cn
20
fortinet
endpoint security
ipsec
ssl encryption
wan optimization
compliance
two-factor authentication
fortigate
firewall
hard-coded credentials
vulnerability
system protection
static credentials
cnvd
Fortinet FortiClient is a mobile endpoint security solution from Fortinet. The solution provides IPsec and SSL encryption, WAN optimization, endpoint compliance and two-factor authentication when connected to a FortiGate firewall appliance. A hard-coded vulnerability exists in Fortinet FortiClient Windows that stems from the presence of hard-coded credentials in the application. An attacker could exploit the vulnerability to bypass system protection through the use of static credentials.
| CPE | Name | Operator | Version |
|---|---|---|---|
| fortinet forticlientwindows | eq | 7.2.0 | |
| fortinet forticlientwindows | eq | 7.2.1 | |
| fortinet forticlient windows >=7.0.0, | le | 7.0.9 |
Related
cvelist
cvelist
CVE-2023-33304
2023-11-14 18:07:27
prion
prion
Hardcoded credentials
2023-11-14 18:15:00
cve
cve
CVE-2023-33304
2023-11-14 18:15:30
nessus
nessus
Fortinet FortiClient (FG-IR-23-108)
2024-04-26 00:00:00
nvd
nvd
CVE-2023-33304
2023-11-14 18:15:30