CVE-2020-15935

A cleartext storage of sensitive information in GUI in FortiADC versions 5.4.3 and below, 6.0.0 and below may allow a remote authenticated attacker to retrieve some sensitive information such as users LDAP passwords and RADIUS shared secret by deobfuscating the passwords entry fields...

CVE-2020-15935

A cleartext storage of sensitive information in GUI in FortiADC versions 5.4.3 and below, 6.0.0 and below may allow a remote authenticated attacker to retrieve some sensitive information such as users LDAP passwords and RADIUS shared secret by deobfuscating the passwords entry fields...

CVE-2020-15935

CVE-2020-15935 affects FortiADC GUIs (versions 5.4.3 and earlier; 6.0.0 and earlier). The root cause is cleartext storage/deobfuscation of password fields in the GUI, enabling remote authenticated attackers to retrieve sensitive data such as LDAP passwords and RADIUS shared secret. The connected ...

GitHub Enterprise Remote Code Execution via Marshal

pEveryone uses GitHub. If you have huge amount of green paper or you are very paranoid about your code, you can run your own GitHub. For $2,500 USD per 10 user years you get GitHub Enterprise: A virtual machine containing a fully-featured GitHub instance. Despite a few edge cases that are handled...