CVE-2015-1457 β€” Sensitive Information Exposure in Fortinet Fortiauthenticator

CWE-200 β€” Sensitive Information Exposure3 documents3 sources
Severity
4.9MEDIUMNVD
EPSS
0.1%
top 76.89%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Fortinet Fortiauthenticator
Timeline
PublishedFeb 3
Latest updateMay 17

Description

Fortinet FortiAuthenticator 3.0.0 allows local users to read arbitrary files via the -f flag to the dig command.

CVSS vector

AV:L/AC:L/C:C/I:N/A:NExploitability: 3.9 | Impact: 6.9

Affected Packages1 packages

πŸ”΄Vulnerability Details

2
GHSA
GHSA-j3ph-7jqj-268f: Fortinet FortiAuthenticator 3β†—2022-05-17
β–Ά
CVEList
CVE-2015-1457: Fortinet FortiAuthenticator 3β†—2015-02-03
β–Ά
CVE-2015-1457 β€” Sensitive Information Exposure | cvebase