VYPR
Unrated severityNVD Advisory· Published Nov 2, 2022· Updated Oct 22, 2024

CVE-2022-33878

CVE-2022-33878

Description

An exposure of sensitive information to an unauthorized actor vulnerabiltiy [CWE-200] in FortiClient for Mac versions 7.0.0 through 7.0.5 may allow a local authenticated attacker to obtain the SSL-VPN password in cleartext via running a logstream for the FortiTray process in the terminal.

Affected products

2
  • Fortinet/Forticlientllm-fuzzy2 versions
    7.0.0 - 7.0.5+ 1 more
    • (no CPE)range: 7.0.0 - 7.0.5
    • (no CPE)range: FortiClientMac 7.0.5, 7.0.4, 7.0.3, 7.0.2, 7.0.1, 7.0.0

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.