An exposure of sensitive information to an unauthorized actor vulnerability [CWE-200] in FortiClient for Windows 7.2.0, 7.0 all versions, 6.4 all versions, 6.2 all versions, Linux 7.2.0, 7.0 all versions, 6.4 all versions, 6.2 all versions and Mac 7.2.0 through 7.2.1, 7.0 all versions, 6.4 all versions, 6.2 all versions, may allow a local authenticated attacker with no Administrative privileges to retrieve the list of files or folders excluded from malware scanning.
References
| Link | Resource |
|---|---|
| https://fortiguard.com/psirt/FG-IR-22-235 | Vendor Advisory |
Configurations
Configuration 1 (hide)
|
History
12 Oct 2023, 20:21
| Type | Values Removed | Values Added |
|---|---|---|
| CVSS |
v2 : v3 : |
v2 : unknown
v3 : 3.3 |
| CWE | NVD-CWE-noinfo | |
| First Time |
Fortinet
Fortinet forticlient |
|
| CPE | cpe:2.3:a:fortinet:forticlient:7.2.0:*:*:*:*:linux:*:* cpe:2.3:a:fortinet:forticlient:7.2.0:*:*:*:*:windows:*:* cpe:2.3:a:fortinet:forticlient:7.2.1:*:*:*:*:macos:*:* cpe:2.3:a:fortinet:forticlient:7.2.0:*:*:*:*:macos:*:* cpe:2.3:a:fortinet:forticlient:*:*:*:*:*:linux:*:* cpe:2.3:a:fortinet:forticlient:*:*:*:*:*:macos:*:* cpe:2.3:a:fortinet:forticlient:*:*:*:*:*:windows:*:* |
|
| References | (MISC) https://fortiguard.com/psirt/FG-IR-22-235 - Vendor Advisory |
10 Oct 2023, 17:52
| Type | Values Removed | Values Added |
|---|---|---|
| New CVE |
Information
Published : 2023-10-10 17:15
Updated : 2023-12-10 15:14
NVD link : CVE-2023-37939
Mitre link : CVE-2023-37939
CVE.ORG link : CVE-2023-37939
JSON object : View
Products Affected
fortinet
- forticlient
CWE