A cleartext storage in a file or on disk (CWE-313) vulnerability in FortiOS SSL VPN 6.2.2 and below may allow an attacker to retrieve a logged-in SSL VPN user’s credentials should that attacker be able to read the session file stored on the targeted device’s system.
Published at: June 16, 2020 at 05:15PM
View on website
Educ Arte Económico 