Device password exposure in audit log


An insertion of sensitive information into log file vulnerability [CWE-532] in the FortiPortal management interface may allow a remote authenticated attacker to read other devices' passwords in the audit log page.

Version Affected Solution
FortiPortal 7.0 7.0.0 through 7.0.2 Upgrade to 7.0.3 or above