CWE-312: Cleartext Storage of Sensitive Information Vulnerability in FortiTester
CVE-2023-40715 · MEDIUM Severity
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
A cleartext storage of sensitive information vulnerability [CWE-312] in FortiTester 2.3.0 through 7.2.3 may allow an attacker with access to the DB contents to retrieve the plaintext password of external servers configured in the device.
Learn more about our Cis Benchmark Audit For Server Software.