First published: Tue Jun 13 2023(Updated: )
An insertion of sensitive information into log file vulnerability in Fortinet FortiOS 7.2.0 through 7.2.4 and FortiProxy 7.0.0 through 7.0.10. 7.2.0 through 7.2.1 allows an attacker to read certain passwords in plain text.
Credit: psirt@fortinet.com
Affected Software | Affected Version | How to fix |
---|---|---|
Fortinet FortiProxy | >=7.0.0<=7.0.10 | |
Fortinet FortiProxy | =7.2.0 | |
Fortinet FortiProxy | =7.2.1 | |
Fortinet FortiOS | >=7.2.0<=7.2.4 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2023-26207 is an insertion of sensitive information into log file vulnerability in Fortinet FortiOS 7.2.0 through 7.2.4 and FortiProxy 7.0.0 through 7.0.10.
CVE-2023-26207 allows an attacker to read certain passwords in plain text on Fortinet FortiOS 7.2.0 through 7.2.4.
CVE-2023-26207 allows an attacker to read certain passwords in plain text on Fortinet FortiProxy 7.0.0 through 7.0.10.
The severity of CVE-2023-26207 is medium with a CVSS score of 6.5.
There is no fix available for CVE-2023-26207 at the moment. Please refer to the vendor's security advisory for updates.