Fortinet FortiDLP Insertion of Sensitive Information into Log File Allowing Information Disclosure
Vulnerability
Fortinet FortiDLP versions 12.0.0 through 12.0.5, 11.5.1, 11.4.6 and 11.4.5 write the agent enrollment code to a log file during installation of the FortiDLP Windows Agent. An authenticated attacker who can read that log can recover the enrollment code and reuse it to enroll agents under their own control, manipulating the FortiDLP agent pool and disclosing sensitive information.
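The pattern behind this issue, an installer that echoes its own command line, enrollment secret included, into a log, is shown below next to a hardened variant that scrubs secret-bearing arguments before the record is written, plus a scanner that finds leaked codes in existing log text. This is an added, generic example and not FortiDLP code; the flag name `--enrollment-code`, the log format and the sample code value are assumptions made for the illustration.

```python
"""Illustration of CWE-532 (sensitive data written to a log file) in an
installer, and a redacting log filter that prevents it.

Added example, NOT FortiDLP code. The command-line flag name
"--enrollment-code", the log format and the sample code value
"ENR-7f3a9c2e" are assumptions made for this illustration.
"""
import logging
import re
from io import StringIO

# key=value or "key value" pairs whose key names a secret (assumed names).
SECRET_ARG = re.compile(
    r"(--(?:enrollment-code|token|password)[=\s]+)(\S+)", re.IGNORECASE
)


def redact(text: str) -> str:
    """Replace the value of any secret-bearing argument with a marker,
    keeping the key so the log stays useful for troubleshooting."""
    return SECRET_ARG.sub(lambda m: m.group(1) + "<redacted>", text)


class RedactingFilter(logging.Filter):
    """Scrub secrets from the message and its %-style arguments before
    the record reaches any handler (and therefore any file)."""

    def filter(self, record: logging.LogRecord) -> bool:
        record.msg = redact(str(record.msg))
        if isinstance(record.args, tuple):
            record.args = tuple(redact(str(a)) for a in record.args)
        return True


def make_logger(name: str, redacting: bool) -> tuple[logging.Logger, StringIO]:
    """Build an isolated logger writing to an in-memory buffer that stands
    in for the installer log file, so its contents can be inspected."""
    buf = StringIO()
    logger = logging.getLogger(name)
    logger.handlers.clear()
    logger.filters.clear()
    logger.propagate = False
    logger.setLevel(logging.INFO)
    handler = logging.StreamHandler(buf)
    handler.setFormatter(logging.Formatter("%(levelname)s %(message)s"))
    logger.addHandler(handler)
    if redacting:
        logger.addFilter(RedactingFilter())
    return logger, buf


def run_installer(argv: list[str], redacting: bool) -> str:
    """Simulated installer entry point. Like many installers it logs its
    full command line, then 'enrolls'. Returns the log contents."""
    name = "installer-redacting" if redacting else "installer-plain"
    logger, buf = make_logger(name, redacting)
    # The vulnerable step: echoing argv writes the enrollment code to the
    # log, where anyone who can read the file can recover and reuse it.
    logger.info("Starting install with args: %s", " ".join(argv))
    logger.info("Enrollment completed")
    return buf.getvalue()


def leaked_codes(log_text: str) -> list[str]:
    """Scan existing log text for secret-bearing argument values that were
    not redacted; useful for checking installer logs after the fact."""
    return [v for _, v in SECRET_ARG.findall(log_text) if v != "<redacted>"]


# Constructed sample command line; the enrollment code value is made up.
SAMPLE_ARGV = ["agent-setup.exe", "--server", "dlp.example.internal",
               "--enrollment-code", "ENR-7f3a9c2e"]

if __name__ == "__main__":
    print("--- vulnerable ---")
    print(run_installer(SAMPLE_ARGV, redacting=False))
    print("--- hardened ---")
    print(run_installer(SAMPLE_ARGV, redacting=True))
```

Redaction only protects logs written after the fix is in place; a code that has already been written to an installer log on an endpoint should be treated as exposed for as long as that log exists.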
Impact
An attacker who recovers a logged enrollment code can reuse it to enroll additional agents and manipulate the FortiDLP agent pool, resulting in unauthorized disclosure of sensitive information. Because the code is written to disk, it remains exposed for as long as the installation log is retained.
Remediation
Upgrade to a fixed release of Fortinet FortiDLP; the Fortinet FortiDLP documentation gives the upgrade procedure. Upgrading prevents the enrollment code from being logged by future installations; any enrollment code already present in an installer log on an endpoint should be treated as exposed.
