Fortinet: >> Fortiauthenticator Security Vulnerabilities
Fortinet FortiAuthenticator 3.0.0 logs the PostgreSQL usernames and passwords in cleartext, which allows remote administrators to obtain sensitive information by reading the log at debug/startup/.
CVSS Score
4.0
EPSS Score
0.003
Published
2015-02-03
Fortinet FortiAuthenticator 3.0.0 has a password of (1) slony for the slony PostgreSQL user and (2) www-data for the www-data PostgreSQL user, which makes it easier for remote attackers to obtain access via unspecified vectors.
CVSS Score
7.5
EPSS Score
0.007
Published
2015-02-03
FortiGuard FortiAuthenticator before 3.0 allows remote administrators to gain privileges via the command line interface.
CVSS Score
9.0
EPSS Score
0.003
Published
2014-04-30
Page 3