VYPR
Unrated severityNVD Advisory· Published Oct 6, 2021· Updated Oct 25, 2024

CVE-2021-36170

CVE-2021-36170

Description

An information disclosure vulnerability [CWE-200] in FortiAnalyzerVM and FortiManagerVM versions 7.0.0 and 6.4.6 and below may allow an authenticated attacker to read the FortiCloud credentials which were used to activate the trial license in cleartext.

Affected products

3
  • Fortinet/Fortianalyzerllm-fuzzy2 versions
    7.0.0, <=6.4.6+ 1 more
    • (no CPE)range: 7.0.0, <=6.4.6
    • (no CPE)range: FortiManager 7.0.0, 6.4.6; FortiAnalyzer 7.0.0, 6.4.6
  • Range: 7.0.0, <=6.4.6

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.