Fortinet FortiWLC Information Disclosure Vulnerability

Fortinet FortiWLC is a wireless controller from Fortinet. A security vulnerability exists in Fortinet FortiWLC. An attacker can exploit this vulnerability by reading the pam.log file to obtain sensitive user credentials...

CVE-2016-7561

Fortinet FortiWLC 6.1-2-29 and earlier, 7.0-9-1, 7.0-10-0, 8.0-5-0, 8.1-2-0, and 8.2-4-0 allow administrators to obtain sensitive user credentials by reading the pam.log file...

Design/Logic Flaw

Fortinet FortiWLC 6.1-2-29 and earlier, 7.0-9-1, 7.0-10-0, 8.0-5-0, 8.1-2-0, and 8.2-4-0 allow administrators to obtain sensitive user credentials by reading the pam.log file...

CVE-2016-7561

Fortinet FortiWLC 6.1-2-29 and earlier, 7.0-9-1, 7.0-10-0, 8.0-5-0, 8.1-2-0, and 8.2-4-0 allow administrators to obtain sensitive user credentials by reading the pam.log file...

CVE-2016-7561

CVE-2016-7561 affects Fortinet FortiWLC: versions 6.1-2-29 and earlier, 7.0-9-1, 7.0-10-0, 8.0-5-0, 8.1-2-0, and 8.2-4-0. The issue allows administrators to obtain sensitive user credentials by reading the pam.log file. The connected documents confirm this information exposure vector and list a F...

FortiWLC PAM.log authenticated user information exposure

The pam.log file generated by FortiWLC contains authenticated users credentials local admin and users authenticated against external servers. Users with admin privileges can access the pam.log file and read the credentials...