Unrated severityNVD Advisory· Published Nov 2, 2022· Updated Oct 22, 2024
CVE-2022-33878
CVE-2022-33878
Description
An exposure of sensitive information to an unauthorized actor vulnerabiltiy [CWE-200] in FortiClient for Mac versions 7.0.0 through 7.0.5 may allow a local authenticated attacker to obtain the SSL-VPN password in cleartext via running a logstream for the FortiTray process in the terminal.
Affected products
27.0.0 - 7.0.5+ 1 more
- (no CPE)range: 7.0.0 - 7.0.5
- (no CPE)range: FortiClientMac 7.0.5, 7.0.4, 7.0.3, 7.0.2, 7.0.1, 7.0.0
Patches
Vulnerability mechanics
References
1News mentions
0No linked articles in our index yet.