Symbolic Link Following (CWE-59) Vulnerability in FortiClient for Linux
CVE-2021-44167 · HIGH Severity
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
An incorrect permission assignment for critical resource vulnerability [CWE-732] in FortiClient for Linux version 6.0.8 and below, 6.2.9 and below, 6.4.7 and below, 7.0.2 and below may allow an unauthenticated attacker to access sensitive information in log files and directories via symbolic links.
Learn more about our Cis Benchmark Audit For Distribution Independent Linux.