CWE-319: Cleartext Transmission of Sensitive Information Vulnerability in Fortinet FortiOS and FortiProxy
CVE-2022-41327 · MEDIUM Severity
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
A cleartext transmission of sensitive information vulnerability [CWE-319] in Fortinet FortiOS version 7.2.0 through 7.2.4, 7.0.0 through 7.0.8, FortiProxy version 7.2.0 through 7.2.1 and 7.0.0 through 7.0.8 allows an authenticated attacker with readonly superadmin privileges to intercept traffic in order to obtain other adminstrators cookies via diagnose CLI commands.
Learn more about our Cis Benchmark Audit For Apple Ios.