FortiClientEMS - Sensitive information leak


A missing encryption of sensitive data vulnerability [CWE-311] in FortiClientEMS may allow an authenticated attacker to view sensitive information in clear text via any browser development tools.

Affected Products

FortiClientEMS 7.0.1 and earlier.

FortiClientEMS 6.4.6 and earlier.


Upgrade to FortiClientEMS 7.0.2 and later.

Upgrade to FortiClientEMS 6.4.7 and later.