Fortinet Forticlient Sslvpn Client vulnerabilities
2 known vulnerabilities affecting fortinet/forticlient_sslvpn_client.
Total CVEs
2
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
HIGH2
Vulnerabilities
Page 1 of 1
CVE-2017-17543HIGHCVSS 7.5≤ 4.4.23352018-04-26
CVE-2017-17543 [HIGH] CWE-326 CVE-2017-17543: Users' VPN authentication credentials are unsafely encrypted in Fortinet FortiClient for Windows 5.6
Users' VPN authentication credentials are unsafely encrypted in Fortinet FortiClient for Windows 5.6.0 and below versions, FortiClient for Mac OSX 5.6.0 and below versions and FortiClient SSLVPN Client for Linux 4.4.2335 and below versions, due to the use of a static encryption key and weak encryption algorithms.
nvd
CVE-2017-14184HIGHCVSS 8.8fixed in 4.4.23342017-12-15
CVE-2017-14184 [HIGH] CWE-200 CVE-2017-14184: An Information Disclosure vulnerability in Fortinet FortiClient for Windows 5.6.0 and below versions
An Information Disclosure vulnerability in Fortinet FortiClient for Windows 5.6.0 and below versions, FortiClient for Mac OSX 5.6.0 and below versions and FortiClient SSLVPN Client for Linux 4.4.2334 and below versions allows regular users to see each other's VPN authentication credentials due to improperly secured storage locations.
nvd