CVE-2023-25604
First published: Tue Oct 10 2023(Updated: )
An insertion of sensitive information into log file vulnerability in Fortinet FortiGuest 1.0.0 allows a local attacker to access plaintext passwords in the RADIUS logs.
Credit: psirt@fortinet.com psirt@fortinet.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Fortinet FortiGuest | =1.0.0 |
Remedy
Please upgrade to FortiGuest version 1.1.0 or above
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID for the Fortinet FortiGuest vulnerability?
The vulnerability ID for the Fortinet FortiGuest vulnerability is CVE-2023-25604.
What is the severity of CVE-2023-25604?
CVE-2023-25604 has a severity rating of medium.
How does CVE-2023-25604 impact Fortinet FortiGuest?
CVE-2023-25604 allows a local attacker to access plaintext passwords in the RADIUS logs of Fortinet FortiGuest 1.0.0.
Which version of Fortinet FortiGuest is affected by CVE-2023-25604?
CVE-2023-25604 affects Fortinet FortiGuest 1.0.0.
Is there a fix available for CVE-2023-25604?
Please refer to the official reference provided by Fortinet for information on available fixes for CVE-2023-25604.
- collector/nvd-api
- collector/nvd-index
- agent/author
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/references
- agent/weakness
- agent/remedy
- agent/severity
- agent/last-modified-date
- agent/tags
- agent/first-publish-date
- agent/event
- agent/description
- vendor/fortinet
- canonical/fortinet fortiguest
- version/fortinet fortiguest/1.0.0