A cleartext storage of sensitive information in GUI in FortiADC versions 5.4.3 and below, 6.0.0 and below may allow a remote authenticated attacker to retrieve some sensitive information such as users LDAP passwords and RADIUS shared secret by deobfuscating the passwords entry fields.
Metrics
Affected Vendors & Products
References
Link | Providers |
---|---|
https://fortiguard.com/advisory/FG-IR-20-044 |
History
Fri, 25 Oct 2024 14:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
ssvc
|
MITRE
Status: PUBLISHED
Assigner: fortinet
Published: 2021-11-02T19:00:53
Updated: 2024-10-25T13:43:30.629Z
Reserved: 2020-07-24T00:00:00
Link: CVE-2020-15935
Vulnrichment
Updated: 2024-08-04T13:30:23.222Z
NVD
Status : Modified
Published: 2021-11-02T19:15:07.523
Modified: 2024-11-21T05:06:29.250
Link: CVE-2020-15935
Redhat
No data.