An exposure of sensitive information to an unauthorized actor vulnerability [CWE-200] in FortiClientEMS versions 7.0.0 through 7.0.4, 7.0.6 through 7.0.7, in all 6.4 and 6.2 version management interface may allow an unauthenticated attacker to gain information on environment variables such as the EMS installation path.
References
Link | Resource |
---|---|
https://fortiguard.com/psirt/FG-IR-21-244 | Vendor Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: fortinet
Published: 2023-09-13T12:30:09.839Z
Updated: 2023-09-13T12:30:09.839Z
Reserved: 2021-11-23T15:35:55.087Z
Link: CVE-2021-44172
JSON object: View
NVD Information
Status : Modified
Published: 2023-09-13T13:15:07.537
Modified: 2023-11-07T03:39:34.130
Link: CVE-2021-44172
JSON object: View
Redhat Information
No data.
CWE