A Cleartext Storage of Sensitive Information vulnerability [CWE-312] in FortiClientWindows 7.4.0 through 7.4.1, 7.2.0 through 7.2.6, 7.0.0 through 7.0.13 and FortiClientLinux 7.4.0 through 7.4.2, 7.2.0 through 7.2.7, 7.0.0 through 7.0.13 may permit a local authenticated user to retrieve VPN password via memory dump, due to JavaScript's garbage collector
Metrics
Affected Vendors & Products
References
Link | Providers |
---|---|
https://fortiguard.fortinet.com/psirt/FG-IR-23-278 |
History
Wed, 18 Dec 2024 15:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
ssvc
|
Wed, 18 Dec 2024 13:00:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | A Cleartext Storage of Sensitive Information vulnerability [CWE-312] in FortiClientWindows 7.4.0 through 7.4.1, 7.2.0 through 7.2.6, 7.0.0 through 7.0.13 and FortiClientLinux 7.4.0 through 7.4.2, 7.2.0 through 7.2.7, 7.0.0 through 7.0.13 may permit a local authenticated user to retrieve VPN password via memory dump, due to JavaScript's garbage collector | |
Weaknesses | CWE-312 | |
References |
| |
Metrics |
cvssV3_1
|
MITRE
Status: PUBLISHED
Assigner: fortinet
Published: 2024-12-18T12:44:38.644Z
Updated: 2024-12-18T14:44:04.613Z
Reserved: 2024-10-24T11:52:14.402Z
Link: CVE-2024-50570
Vulnrichment
Updated: 2024-12-18T14:33:12.270Z
NVD
Status : Received
Published: 2024-12-18T13:15:06.723
Modified: 2024-12-18T15:15:12.660
Link: CVE-2024-50570
Redhat
No data.