Vulnerability Description
Fortinet FortiWLC 6.1-2-29 and earlier, 7.0-9-1, 7.0-10-0, 8.0-5-0, 8.1-2-0, and 8.2-4-0 allow administrators to obtain sensitive user credentials by reading the pam.log file.
CVSS Score
7.2
HIGH
CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Fortinet | Fortiwlc | <= 6.1-2-29 |
Related Weaknesses (CWE)
References
- http://fortiguard.com/advisory/FG-IR-16-030Vendor Advisory
- http://www.securityfocus.com/bid/93282Third Party AdvisoryVDB Entry
- http://fortiguard.com/advisory/FG-IR-16-030Vendor Advisory
- http://www.securityfocus.com/bid/93282Third Party AdvisoryVDB Entry
FAQ
What is CVE-2016-7561?
CVE-2016-7561 is a vulnerability with a CVSS score of 7.2 (HIGH). Fortinet FortiWLC 6.1-2-29 and earlier, 7.0-9-1, 7.0-10-0, 8.0-5-0, 8.1-2-0, and 8.2-4-0 allow administrators to obtain sensitive user credentials by reading the pam.log file.
How severe is CVE-2016-7561?
CVE-2016-7561 has been rated HIGH with a CVSS base score of 7.2/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2016-7561?
Check the references section above for vendor advisories and patch information. Affected products include: Fortinet Fortiwlc.