CVE-2017-7737

An information disclosure vulnerability in Fortinet FortiWeb 5.8.2 and below versions allows logged-in admin user to view SNMPv3 user password in cleartext in webui via the HTML source code.

Published: Aug 10, 2017
Updated: Apr 13, 2023
CVE: CVE-2017-7737
Severity: Low
Exploit:

CVSS v3:

Severity: Low
Score: 4.9
AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N

CVSS v2:

Severity: Low
Score: 4
AV:N/AC:L/Au:S/C:P/I:N/A:N

CWEs:

CWE-200
CWE-552

Affected Software
References

Software	From	Fixed in
fortinet / fortiweb	-	5.8.2.x

http://www.securityfocus.com/bid/100205
https://fortiguard.com/advisory/FG-IR-17-162

Vulnerability Database

289,784

CVE-2017-7737