Unrated severityNVD Advisory· Published Jun 16, 2020· Updated Oct 25, 2024
CVE-2020-9289
CVE-2020-9289
Description
Use of a hard-coded cryptographic key to encrypt password data in CLI configuration in FortiManager 6.2.3 and below, FortiAnalyzer 6.2.3 and below may allow an attacker with access to the CLI configuration or the CLI backup file to decrypt the sensitive data, via knowledge of the hard-coded key.
Affected products
3- Fortinet/FortiManagerdescription
- Range: <=6.2.3
- Range: <=6.2.3
Patches
Vulnerability mechanics
References
1- fortiguard.com/psirt/FG-IR-19-007mitrex_refsource_MISC
News mentions
0No linked articles in our index yet.