CVSS: 7.5EPSS: 0%CPEs: 3EXPL: 0CVE-2017-17543
https://notcve.org/view.php?id=CVE-2017-17543
26 Apr 2018 — Users' VPN authentication credentials are unsafely encrypted in Fortinet FortiClient for Windows 5.6.0 and below versions, FortiClient for Mac OSX 5.6.0 and below versions and FortiClient SSLVPN Client for Linux 4.4.2335 and below versions, due to the use of a static encryption key and weak encryption algorithms. Las credenciales de autenticación de VPN de los usuarios se cifran de manera no segura en Fortinet FortiClient para Windows en versiones 5.6.0 y anteriores, FortiClient para Mac OSX en versiones 5.... • https://fortiguard.com/advisory/FG-IR-17-214 • CWE-326: Inadequate Encryption Strength •
CVSS: 8.8EPSS: 0%CPEs: 3EXPL: 0CVE-2017-14184
https://notcve.org/view.php?id=CVE-2017-14184
15 Dec 2017 — An Information Disclosure vulnerability in Fortinet FortiClient for Windows 5.6.0 and below versions, FortiClient for Mac OSX 5.6.0 and below versions and FortiClient SSLVPN Client for Linux 4.4.2334 and below versions allows regular users to see each other's VPN authentication credentials due to improperly secured storage locations. Una vulnerabilidad de divulgación de información en Fortinet FortiClient for Windows 5.6.0 y anteriores, FortiClient for Mac OSX 5.6.0 y anteriores y FortiClient SSLVPN Client ... • http://www.securityfocus.com/bid/102123 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •