CWE-312: Cleartext Storage of Sensitive Information Vulnerability in FortiTester

CWE-312: Cleartext Storage of Sensitive Information Vulnerability in FortiTester

CVE-2023-40715 · MEDIUM Severity

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

A cleartext storage of sensitive information vulnerability [CWE-312] in FortiTester 2.3.0 through 7.2.3 may allow an attacker with access to the DB contents to retrieve the plaintext password of external servers configured in the device.

Learn more about our Cis Benchmark Audit For Server Software.