4 matches found
Fortinet FortiClient stores the SSLVPN password in cleartext (FG-IR-22-246) (macOS)
The version of FortiClient installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the FG-IR-22-246 advisory. - An exposure of sensitive information to an unauthorized actor vulnerabiltiy CWE-200 in FortiClient for Mac versions 7.0.0...
CVE-2022-33878
An exposure of sensitive information to an unauthorized actor vulnerabiltiy CWE-200 in FortiClient for Mac versions 7.0.0 through 7.0.5 may allow a local authenticated attacker to obtain the SSL-VPN password in cleartext via running a logstream for the FortiTray process in the terminal...
CVE-2022-33878
An exposure of sensitive information to an unauthorized actor vulnerabiltiy CWE-200 in FortiClient for Mac versions 7.0.0 through 7.0.5 may allow a local authenticated attacker to obtain the SSL-VPN password in cleartext via running a logstream for the FortiTray process in the terminal...
CVE-2022-33878
CVE-2022-33878 affects FortiClient for Mac, versions 7.0.0–7.0.5. A local authenticated attacker can obtain the SSL-VPN password in cleartext by running a logstream for the FortiTray process in the terminal. This is a local-attack scenario with disclosure of sensitive credentials; the provided do...