CVE-2020-9289

Published: 2020-06-16T21:15Z

Last Modified: 2024-11-21T05:40Z

Source: MITRE CVE List

License: MITRE-CVE-TOS

Use of a hard-coded cryptographic key to encrypt password data in CLI configuration in FortiManager 6.2.3 and below, FortiAnalyzer 6.2.3 and below may allow an attacker with access to the CLI configuration or the CLI backup file to decrypt the sensitive data, via knowledge of the hard-coded key. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt