Fortinet Fortigate - Plain-text credentials in GET request via SSL VPN web portal (FG-IR-23-120)

high Nessus Plugin ID 182950

Version 1.2

Oct 16, 2023, 5:15 PM

  • CVSS metrics ("CVSSv2 score" changed from 5.0 to 7.8. "CVSSv2 vector" changed from "CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N" to "CVSS2#AV:N/AC:L/Au:N/C:C/I:N/A:N")
  • CVSSv2 severity (based on CVE-2023-37935, severity increased from "Medium" to "High")
  • CVSSv3 score source (set to "CVE-2023-37935")

Plugin Feed: 202310161715