CVE-2017-14184

Summary

An Information Disclosure vulnerability in Fortinet FortiClient for Windows 5.6.0 and below versions, FortiClient for Mac OSX 5.6.0 and below versions and FortiClient SSLVPN Client for Linux 4.4.2334 and below versions allows regular users to see each other's VPN authentication credentials due to improperly secured storage locations.

Affected Software

VendorProductVersion RangeStatus
Fortinet, Inc.FortiClient for Windows5.6.0 and belowaffected
Fortinet, Inc.FortiClient for Mac OSX5.6.0 and belowaffected
Fortinet, Inc.FortiClient SSLVPN Client for Linux4.4.2334 and belowaffected

Weaknesses

  • Information Disclosure

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References