Lucene search
FortiGuard LabsFG-IR-21-112HistoryOct 05, 2021 - 12:00 a.m.
FortiAnalyzer & FortiManager - Forticloud credentials observed in cleartext in the logfile
2021-10-0500:00:00
FortiGuard Labs
www.fortiguard.com
10
0.0004 Low
EPSS
Percentile
12.7%
An information disclosure vulnerability [CWE-200] in FortiAnalyzer and FortiManager VM may allow an authenticated attacker to read the FortiCloud credentials which were used to activate the trial license in cleartext.
| CPE | Name | Operator | Version |
|---|---|---|---|
| fortianalyzer | eq | 7.0.0 | |
| fortianalyzer | eq | 6.4.6 | |
| fortimanager | eq | 7.0.0 | |
| fortimanager | eq | 6.4.6 |
Related
cvelist
cvelist
CVE-2021-36170
2021-10-06 09:22:29
cve
cve
CVE-2021-36170
2021-10-06 10:15:07
cnvd
cnvd
Fortinet FortiManager VM和FortiAnalyzer Vm信息泄露漏洞
2021-10-29 00:00:00
prion
prion
Information disclosure
2021-10-06 10:15:00
nvd
nvd
CVE-2021-36170
2021-10-06 10:15:07