VYPR
Medium severity5.3NVD Advisory· Published May 25, 2018· Updated Jun 17, 2026

CVE-2017-14185

CVE-2017-14185

Description

An Information Disclosure vulnerability in Fortinet FortiOS 5.6.0 to 5.6.2, 5.4.0 to 5.4.8 and 5.2 all versions allows SSL VPN web portal users to access internal FortiOS configuration information (eg:addresses) via specifically crafted URLs inside the SSL-VPN web portal.

Affected products

2
  • Fortinet/Fortiosllm-fuzzy2 versions
    5.6.0 to 5.6.2, 5.4.0 to 5.4.8, and all versions of 5.2+ 1 more
    • (no CPE)range: 5.6.0 to 5.6.2, 5.4.0 to 5.4.8, and all versions of 5.2
    • (no CPE)range: 5.6.0 to 5.6.2

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.