High severity8.8NVD Advisory· Published Dec 15, 2017· Updated Jun 17, 2026
CVE-2017-14184
CVE-2017-14184
Description
An Information Disclosure vulnerability in Fortinet FortiClient for Windows 5.6.0 and below versions, FortiClient for Mac OSX 5.6.0 and below versions and FortiClient SSLVPN Client for Linux 4.4.2334 and below versions allows regular users to see each other's VPN authentication credentials due to improperly secured storage locations.
Affected products
8cpe:2.3:a:fortinet:forticlient:*:*:*:*:*:macos:*:*+ 2 more
- cpe:2.3:a:fortinet:forticlient:*:*:*:*:*:macos:*:*range: <5.6.0
- cpe:2.3:a:fortinet:forticlient:*:*:*:*:*:windows:*:*range: <5.6.0
- (no CPE)range: <=5.6.0
cpe:2.3:a:fortinet:forticlient_sslvpn_client:*:*:*:*:*:linux:*:*+ 1 more
- cpe:2.3:a:fortinet:forticlient_sslvpn_client:*:*:*:*:*:linux:*:*range: <4.4.2334
- (no CPE)range: <=4.4.2334
- Fortinet, Inc./FortiClient for Mac OSXv5Range: 5.6.0 and below
- Fortinet, Inc./FortiClient for Windowsv5Range: 5.6.0 and below
- Fortinet, Inc./FortiClient SSLVPN Client for Linuxv5Range: 4.4.2334 and below
Patches
Vulnerability mechanics
References
2- www.securityfocus.com/bid/102123nvdThird Party AdvisoryVDB Entry
- fortiguard.com/advisory/FG-IR-17-214nvdMitigationVendor Advisory
News mentions
0No linked articles in our index yet.