VYPR
High severity7.2NVD Advisory· Published Dec 13, 2017· Updated Jun 17, 2026

CVE-2017-7738

CVE-2017-7738

Description

An Information Disclosure vulnerability in Fortinet FortiOS 5.6.0 to 5.6.2, 5.4.0 to 5.4.5, 5.2 and below versions allow an admin user with super_admin privileges to view the current SSL VPN web portal session info which may contains user credentials through the fnsysctl CLI command.

Affected products

2
  • Fortinet/Fortios2 versions
    cpe:2.3:a:fortinet:fortios:*:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:a:fortinet:fortios:*:*:*:*:*:*:*:*range: <=5.2
    • (no CPE)range: 5.6.0 to 5.6.2

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.