Fortinet FortiClient 6.0.6 for macOS

CPE Details

Fortinet FortiClient 6.0.6 for macOS
fortinet
forticlient
6.0.6
2020-05-11
15h37 +00:00
2020-05-11
15h37 +00:00
CPE NVD
Alerte pour un CPE
Restez informé de toutes modifications pour un CPE spécifique.
Gestion des notifications

CPE Name: cpe:2.3:a:fortinet:forticlient:6.0.6:*:*:*:*:macos:*:*

Informations

Vendor

fortinet

Product

forticlient

Version

6.0.6

Target Software

macos

Related CVE

Open and find in CVE List

CVE ID Publié Description Score Gravité
CVE-2023-22635 2023-04-11 16h05 +00:00 A download of code without Integrity check vulnerability [CWE-494] in FortiClientMac version 7.0.0 through 7.0.7, 6.4 all versions, 6.2 all versions, 6.0 all versions, 5.6 all versions, 5.4 all versions, 5.2 all versions, 5.0 all versions and 4.0 all versions may allow a local attacker to escalate their privileges via modifying the installer upon upgrade.
7.8
Haute
CVE-2021-41028 2021-12-16 17h13 +00:00 A combination of a use of hard-coded cryptographic key vulnerability [CWE-321] in FortiClientEMS 7.0.1 and below, 6.4.6 and below and an improper certificate validation vulnerability [CWE-297] in FortiClientWindows, FortiClientLinux and FortiClientMac 7.0.1 and below, 6.4.6 and below may allow an unauthenticated and network adjacent attacker to perform a man-in-the-middle attack between the EMS and the FCT via the telemetry protocol.
8.2
Haute
CVE-2021-26089 2021-07-12 10h48 +00:00 An improper symlink following in FortiClient for Mac 6.4.3 and below may allow an non-privileged user to execute arbitrary privileged shell commands during installation phase.
7.8
Haute
CVE-2019-17650 2019-11-21 14h03 +00:00 An Improper Neutralization of Special Elements used in a Command vulnerability in one of FortiClient for Mac OS root processes, may allow a local user of the system on which FortiClient is running to execute unauthorized code as root by bypassing a security check.
7.8
Haute
CVE-2018-9195 2019-11-21 13h59 +00:00 Use of a hardcoded cryptographic key in the FortiGuard services communication protocol may allow a Man in the middle with knowledge of the key to eavesdrop on and modify information (URL/SPAM services in FortiOS 5.6, and URL/SPAM/AV services in FortiOS 6.0.; URL rating in FortiClient) sent and received from Fortiguard severs by decrypting these messages. Affected products include FortiClient for Windows 6.0.6 and below, FortiOS 6.0.7 and below, FortiClient for Mac OS 6.2.1 and below.
5.9
Moyen
CVE-2019-15704 2019-11-21 13h53 +00:00 A clear text storage of sensitive information vulnerability in FortiClient for Mac may allow a local attacker to read sensitive information logged in the console window when the user connects to an SSL VPN Gateway.
5.5
Moyen