SynopsisThe remote host is affected by multiple vulnerabilities.
DescriptionThe remote host is running a version of FortiOS prior to 6.2.3.
It is, therefore, affected by an information disclosure vulnerability due to a cleartext storage in a file or on disk. FortiOS SSL VPN allows an attacker to retrieve a logged-in SSL VPN user's credentials should that attacker be able to read the session file stored on the targeted device's system.
SolutionUpgrade to Fortinet FortiOS version to 6.2.3 or later.