3 matches found
Fortinet Fortigate Improper autorization over static files (FG-IR-25-684)
The version of Fortigate installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the FG-IR-25-684 advisory. - An improper authorization vulnerability CWE-285 in Fortinet FortiOS version 7.4.0 through 7.4.1 and before 7.2.8 & Fortinet...
CVE-2020-29010
An exposure of sensitive information to an unauthorized actor vulnerability in FortiOS version 6.2.4 and below, version 6.0.10 and belowmay allow remote authenticated actors to read the SSL VPN events log entries of users in other VDOMs by executing "get vpn ssl monitor" from the CLI. The sensiti...
Vulnerability fixed in FortiGate
A remotely authenticated malicious person is able to view the log entries of SSL VPN events from users in other VDOMs by executing "get vpn ssl monitor" from the command line. The sensitive data includes usernames, user groups and IP addresses. FortiGuard has made updates available to fix the...