An information disclosure vulnerability [CWE-200] in FortiAnalyzerVM and FortiManagerVM versions 7.0.0 and 6.4.6 and below may allow an authenticated attacker to read the FortiCloud credentials which were used to activate the trial license in cleartext.
CPE | Name | Operator | Version |
---|---|---|---|
fortianalyzer | ge | 7.0.0 | |
fortianalyzer | le | 7.0.1 | |
fortianalyzer | lt | 6.4.7 | |
fortimanager | ge | 7.0.0 | |
fortimanager | lt | 7.0.1 | |
fortimanager | lt | 6.4.7 |