An information disclosure vulnerability [CWE-200] in FortiAnalyzerVM and FortiManagerVM versions 7.0.0 and 6.4.6 and below may allow an authenticated attacker to read the FortiCloud credentials which were used to activate the trial license in cleartext.
References
Link | Resource |
---|---|
https://fortiguard.com/advisory/FG-IR-21-112 | Vendor Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: fortinet
Published: 2021-10-06T09:22:29
Updated: 2021-10-06T09:22:29
Reserved: 2021-07-06T00:00:00
Link: CVE-2021-36170
JSON object: View
NVD Information
Status : Analyzed
Published: 2021-10-06T10:15:07.873
Modified: 2021-10-14T14:10:34.840
Link: CVE-2021-36170
JSON object: View
Redhat Information
No data.
CWE