Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cveFortinetCVE-2019-15704
HistoryNov 21, 2019 - 3:15 p.m.

CVE-2019-15704

2019-11-2115:15:13
CWE-311
fortinet
web.nvd.nist.gov
33
cve-2019-15704
vulnerability
forticlient
mac
local attacker
sensitive information
ssl vpn gateway

CVSS2

2.1

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:L/Au:N/C:P/I:N/A:N

CVSS3

5.5

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

AI Score

5.1

Confidence

High

EPSS

0

Percentile

5.1%

JSON

A clear text storage of sensitive information vulnerability in FortiClient for Mac may allow a local attacker to read sensitive information logged in the console window when the user connects to an SSL VPN Gateway.

Affected configurations

Nvd
Node
fortinetforticlientRange6.0.06.0.7macos
OR
fortinetforticlientMatch6.2.0macos
VendorProductVersionCPE
fortinetforticlient*cpe:2.3:a:fortinet:forticlient:*:*:*:*:*:macos:*:*
fortinetforticlient6.2.0cpe:2.3:a:fortinet:forticlient:6.2.0:*:*:*:*:macos:*:*

CNA Affected

[
  {
    "product": "FortiClient for Mac OS",
    "vendor": "Fortinet",
    "versions": [
      {
        "status": "affected",
        "version": "FortiClient for Mac OS 6.2.0"
      },
      {
        "status": "affected",
        "version": "6.0.7"
      }
    ]
  }
]

Related

fortinet 1
nvd 1
prion 1
cvelist 1
symantec 1
fortinet
fortinet
Console window of FortiClient for Mac OS displays password in clear-text.
2019-11-08 00:00:00
nvd
nvd
CVE-2019-15704
2019-11-21 15:15:13
prion
prion
Information disclosure
2019-11-21 15:15:00
cvelist
cvelist
CVE-2019-15704
2019-11-21 14:53:57
symantec
symantec
Fortinet FortiClient for macOS CVE-2019-15704 Local Information Disclosure Vulnerability
2019-11-08 00:00:00

CVSS2

2.1

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:L/Au:N/C:P/I:N/A:N

CVSS3

5.5

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

AI Score

5.1

Confidence

High

EPSS

0

Percentile

5.1%

JSON
Related for CVE-2019-15704
fortinet1nvd1prion1cvelist1symantec1