CVE-2017-7731

Summary

A weak password recovery vulnerability in Fortinet FortiPortal versions 4.0.0 and below allows attacker to carry out information disclosure via the Forgotten Password feature.

Affected Software

VendorProductVersion RangeStatus
Fortinet, Inc.Fortinet FortiPortalFortiPortal versions 4.0.0 and belowaffected

Weaknesses

  • Information disclosure

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: yes
    • Technical Impact: partial

References