Plaintext Password Exposure Vulnerability in Fortinet FortiOS 7.x

Plaintext Password Exposure Vulnerability in Fortinet FortiOS 7.x

CVE-2023-37935 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

A use of GET request method with sensitive query strings vulnerability in Fortinet FortiOS 7.0.0 - 7.0.12, 7.2.0 - 7.2.5 and 7.4.0 allows an attacker to view plaintext passwords of remote services such as RDP or VNC, if the attacker is able to read the GET requests to those services.

Learn more about our Cis Benchmark Audit For Apple Ios.