CVE-2017-14184 FortiClient VPN Credentials Information Disclosure Vulnerability (FG-IR-17-214)

漏洞类别:Local

漏洞等级:

漏洞信息

FortiClient is a comprehensive endpoint security solution.

An Information Disclosure vulnerability has been identified in FortiClient which reveals VPN credentials.

Affected Versions:
FortiClient version 5.6.0 and earlier

QID Detection Logic (authenticated):
Operating System: Windows

The QID checks if the host is vulnerable or not by checking the version of the file “FortiVPNst.exe”. The location of the file is determined via the registry key “HKLM\SOFTWARE\Fortinet\FortiClient” and value “INSTALLDIR”.

漏洞危害

Successful exploitation of the vulnerability will allow a user to see VPN authentication credentials of other users (sharing the same workstation) due to improperly secured storage locations.

解决方案

Customers are advised to refer advisory FG-IR-17-214 to patch this vulnerability.

Patch:
Following are links for downloading patches to fix the vulnerabilities:

FG-IR-17-214

Leave a Reply