Vulnerabilities > CVE-2017-7344 - Unspecified vulnerability in Fortinet Forticlient

CVSS 7.6 - HIGH

Attack vector

NETWORK

Attack complexity

HIGH

Privileges required

NONE

Confidentiality impact

COMPLETE

Integrity impact

COMPLETE

Availability impact

COMPLETE

network

high complexity

fortinet

NVD

Published: 2017-12-14

Updated: 2019-10-03

Summary

A privilege escalation in Fortinet FortiClient Windows 5.4.3 and earlier as well as 5.6.0 allows attacker to gain privilege via exploiting the Windows "security alert" dialog thereby popping up when the "VPN before logon" feature is enabled and an untrusted certificate chain.

Vulnerable Configurations

Part	Description	Count
Application	Fortinet Fortinet Forticlient 4.3.0 Fortinet Forticlient 5.0.5 Fortinet Forticlient 5.0.6 Fortinet Forticlient 5.0.7 Fortinet Forticlient 5.0.8 Fortinet Forticlient 5.0.9 Fortinet Forticlient 5.0.10 Fortinet Forticlient 5.0.11 Fortinet Forticlient 5.4.0 Fortinet Forticlient 5.4.1 Fortinet Forticlient 5.4.2 Fortinet Forticlient 5.4.3 Fortinet Forticlient 5.6.0	13

Summary

Vulnerable Configurations

References