A improper input validation in Fortinet FortiGate version 6.4.3 and below, version 6.2.5 and below, version 6.0.11 and below, version 5.6.13 and below allows attacker to disclose sensitive information via SNI Client Hello TLS packets.
https://fortiguard.com/advisory/FG-IR-20-091
Source: Mitre, NVD
Published: 2022-03-01
Updated: 2026-06-17
Base Score: 4
Vector: CVSS2#AV:N/AC:L/Au:S/C:P/I:N/A:N
Severity: Medium
Base Score: 4.5
Vector: CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
EPSS: 0.00416