A cleartext storage of sensitive information vulnerability in FortiOS command line interface in versions 6.2.4 and earlier and FortiProxy 2.0.0, 1.2.9 and earlier may allow an authenticated attacker to obtain sensitive information such as users passwords by connecting to FortiGate CLI and executing the "diag sys ha checksum show" command.
Metrics
Affected Vendors & Products
References
History
Fri, 25 Oct 2024 15:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
ssvc
|
MITRE
Status: PUBLISHED
Assigner: fortinet
Published: 2020-10-21T14:05:55
Updated: 2024-10-25T14:24:11.567Z
Reserved: 2020-01-09T00:00:00
Link: CVE-2020-6648
Vulnrichment
Updated: 2024-08-04T09:11:04.625Z
NVD
Status : Modified
Published: 2020-10-21T14:15:20.387
Modified: 2024-11-21T05:36:05.557
Link: CVE-2020-6648
Redhat
No data.