Information disclosure in Fortinet FortiClient
CVE-2017-14184
An Information Disclosure vulnerability in Fortinet FortiClient for Windows 5.6.0 and below versions, FortiClient for Mac OSX 5.6.0 and below versions and FortiClient SSLVPN Client for Linux 4.4.2334 and below versions allows regular users…
Vulnerability class: Information Disclosure
EPSS: 0.016 (82.4th percentile)
CVSS v3 metric
CVSS v3 base score 8.8 (High). Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H.
Affected products
- Fortinet FortiClient
- Fortinet Forticlient_sslvpn_client
- Fortinet, Inc. FortiClient for Mac OSX — versions 5.6.0 and below
- Fortinet, Inc. FortiClient for Windows — versions 5.6.0 and below
- Fortinet, Inc. FortiClient SSLVPN Client for Linux — versions 4.4.2334 and below
Weakness classification (CWE)
References
- psirt@fortinet.com (x_refsource_CONFIRM, Mitigation, Vendor Advisory)
- psirt@fortinet.com (VDB Entry, Third Party Advisory, vdb-entry, x_refsource_BID)
Frequently asked questions
- What is CVE-2017-14184?
- CVE-2017-14184 is a high-severity vulnerability in Fortinet FortiClient, classified under Information Disclosure. CVSS score: 8.8/10. Published 2017-12-15.
- How severe is CVE-2017-14184?
- High severity. CVSS v3 base score is 8.8 out of 10.