FortiOS SSL VPN user credential plaintext storage
A cleartext storage in a file or on disk (CWE-313) vulnerability in FortiOS SSL VPN may allow an attacker to retrieve a logged-in SSL VPN user's credentials, provided that the attacker is able to read the session file stored on the targeted device's system.
To successfully exploit this weakness, another unrelated weakness (e.g. a system file leaking vulnerability) would therefore need to be exploited first.
FortiOS 6.2.0 to 6.2.2, 6.0.9 and below
Upgrade to FortiOS 6.0.10 or 6.2.3 or above
2020-01-27 Initial Version
2020-06-26 New fix on 6.0.10 released.
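The version ranges above can be checked against a device inventory as follows. This is an added example, not Fortinet code; the hostnames and the version string format (an optional leading "v" followed by major.minor.patch) are assumptions. Versions are compared as integer tuples because a plain string comparison sorts the fixed release 6.0.10 before the affected release 6.0.9.

```python
import re

# Ranges taken from the advisory text: "6.2.0 to 6.2.2, 6.0.9 and below".
AFFECTED_62 = ((6, 2, 0), (6, 2, 2))
LAST_AFFECTED_60 = (6, 0, 9)

# Assumed format: optional "v", then major.minor.patch; trailing text is ignored.
_VERSION_RE = re.compile(r"\s*v?(\d+)\.(\d+)\.(\d+)")


def parse_version(text):
    """Return (major, minor, patch) from strings such as 'v6.0.10' or '6.2.1'."""
    m = _VERSION_RE.match(text)
    if not m:
        raise ValueError(f"no FortiOS version found in {text!r}")
    return tuple(int(part) for part in m.groups())


def is_affected(text):
    """True if the version falls inside one of the advisory's affected ranges."""
    v = parse_version(text)
    return v <= LAST_AFFECTED_60 or AFFECTED_62[0] <= v <= AFFECTED_62[1]


def triage(inventory):
    """Map each host in a {host: version} dict to a status string."""
    result = {}
    for host, version in inventory.items():
        try:
            result[host] = "affected" if is_affected(version) else "not_affected"
        except ValueError:
            # Unparseable entries need a manual check, not a silent pass.
            result[host] = "unknown"
    return result


# Constructed sample inventory (hostnames and version strings are made up).
SAMPLE = {
    "fw-edge-1": "v6.0.9",
    "fw-edge-2": "v6.0.10",
    "fw-dc-1": "6.2.2",
    "fw-dc-2": "6.2.3",
    "fw-lab": "5.6.11",
    "fw-new": "n/a",
}

if __name__ == "__main__":
    for host, status in triage(SAMPLE).items():
        print(f"{host:10} {SAMPLE[host]:8} {status}")
```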