An exposure of sensitive information to an unauthorized actor vulnerabiltiy [CWE-200] in FortiClient for Mac versions 7.0.0 through 7.0.5 may allow a local authenticated attacker to obtain the SSL-VPN password in cleartext via running a logstream for the FortiTray process in the terminal.
2022-11-02T12:15:53.193
2024-11-21T07:08:30.790
Modified
CVSSv3.1: 2.2 (LOW)
| Type | Vendor | Product | Version/Range | Vulnerable? |
|---|---|---|---|---|
| Application | fortinet | forticlient | ≤ 7.0.5 | Yes |