← back
CVE-2017-14185

CVE-2017-14185

EPSS 1.4%
Vexday Risk Score
3Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS EPSS 1.4%KEV nãoPoC Nuclei Metasploit Patch
Lifecycle
25 May 2018Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
An Information Disclosure vulnerability in Fortinet FortiOS 5.6.0 to 5.6.2, 5.4.0 to 5.4.8 and 5.2 all versions allows SSL VPN web portal users to access internal FortiOS configuration information (eg:addresses) via specifically crafted URLs inside the SSL-VPN web portal.
Affected products
Fortinet, Inc. · FortiOS