FortiOS SSL-VPN Information Exposure Vulnerability

FortiOS SSL-VPN Information Exposure Vulnerability

CVE-2022-35842 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

An exposure of sensitive information to an unauthorized actor vulnerabiltiy [CWE-200] in FortiOS SSL-VPN versions 7.2.0, versions 7.0.0 through 7.0.6 and versions 6.4.0 through 6.4.9 may allow a remote unauthenticated attacker to gain information about LDAP and SAML settings configured in FortiOS.

Learn more about our Cis Benchmark Audit For Apple Ios.