CVE-2017-14184

CVE Database · CVE-2017-14184

CVE-2017-14184

· N/AModified

CVSS v3.1

N/A

EPSS

2.08%

Published

Dec 15, 2017

Modified

May 12, 2026

Public PoC / Exploit (1)

All weaponized →

TrickestTrickest PoC index

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

An Information Disclosure vulnerability in Fortinet FortiClient for Windows 5.6.0 and below versions, FortiClient for Mac OSX 5.6.0 and below versions and FortiClient SSLVPN Client for Linux 4.4.2334 and below versions allows regular users to see each other's VPN authentication credentials due to improperly secured storage locations.

Weaknesses (CWE)

CWE-200

Affected Products (3)

fortinet · forticlient (up to 5.6.0)vulnerable

fortinet · forticlient_sslvpn_client (up to 4.4.2334)vulnerable

References (4)

http://www.securityfocus.com/bid/102123

Third Party AdvisoryVDB Entry

https://fortiguard.com/advisory/FG-IR-17-214

MitigationVendor Advisory

http://www.securityfocus.com/bid/102123

Third Party AdvisoryVDB Entry

https://fortiguard.com/advisory/FG-IR-17-214

MitigationVendor Advisory

KEV Catalog EPSS Scores Vendors All CVEs