CVE-2021-24024

Summary

A clear text storage of sensitive information into log file vulnerability in FortiADCManager 5.3.0 and below, 5.2.1 and below and FortiADC 5.3.7 and below may allow a remote authenticated attacker to read other local users' password in log files.

Affected Software

VendorProductVersion RangeStatus
FortinetFortinet FortiADCManager, FortiADCFortiADCManager 5.3.0 and below, 5.2.1 and below; FortiADC 5.3.7 and belowaffected

Weaknesses

  • Information disclosure

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References