CVE-2017-7338

Published: May 27, 2017Modified: May 13, 2026

7.5

Vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Exploitability: 3.9 / Impact: 3.6

Source: NVD

Description

A password management vulnerability in Fortinet FortiPortal versions 4.0.0 and below allows an attacker to carry out information disclosure via the FortiAnalyzer Management View.

Affected (1)

Products: Fortinet: Fortiportal

Fortinet

1 product

Fortiportal

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Fortinet Fortiportal	Up to 4.0.0

Related CWEs

CWE-200

Exposure of Sensitive Information to an Unauthorized Actor

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

References (2)

https://fortiguard.com/psirt/FG-IR-17-114

Source: psirt@fortinet.com

Vendor Advisory

https://fortiguard.com/psirt/FG-IR-17-114

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

Timeline

No history available yet.