An exposure of sensitive information to an unauthorized actor vulnerability [CWE-200] in FortiClientEMS versions 7.0.0 through 7.0.4, 7.0.6 through 7.0.7, in all 6.4 and 6.2 version management interface may allow an unauthenticated attacker to gain information on environment variables such as the EMS installation path.
Metrics
Affected Vendors & Products
References
Link | Providers |
---|---|
https://fortiguard.com/psirt/FG-IR-21-244 |
History
No history.
MITRE
Status: PUBLISHED
Assigner: fortinet
Published: 2023-09-13T12:30:09.839Z
Updated: 2024-08-04T04:17:24.531Z
Reserved: 2021-11-23T15:35:55.087Z
Link: CVE-2021-44172
Vulnrichment
No data.
NVD
Status : Modified
Published: 2023-09-13T13:15:07.537
Modified: 2023-11-07T03:39:34.130
Link: CVE-2021-44172
Redhat
No data.