Unauthenticated Access to Confighandler Webserver Vulnerability in FortiClient for Linux

Unauthenticated Access to Confighandler Webserver Vulnerability in FortiClient for Linux

CVE-2021-43205 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

An exposure of sensitive information to an unauthorized actor vulnerability [CWE-200] in FortiClient for Linux version 7.0.2 and below, 6.4.7 and below and 6.2.9 and below may allow an unauthenticated attacker to access the confighandler webserver via external binaries.

Learn more about our Cis Benchmark Audit For Distribution Independent Linux.