GCVE - cpe:2.3:a:fortinet:forticlient:7.2.0:*:*:*:*:linux:*:*

Approved changes feed: RSS · Atom

cpe:2.3:a:fortinet:forticlient:7.2.0:*:*:*:*:linux:*:*

part: a version: 7.2.0 update: *

Vendor	Fortinet (`2b06c5e0-0a17-54f4-810a-5ef236d51947`)
Product	Forticlient (`f1dedd21-b015-56f2-acb3-24cd61ec013c`)
Edition	*
Language	*
Software edition	*
Target software	linux
Target hardware	*
Other	*
Notes	Imported from NVD CPE 2.0 feed

PURL mappings

PURL	Source	Last updated
No PURL mappings for this CPE yet.

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2024-31489`	vulnerable	2026-06-03 14:55:39.890307	Details available MEDIUM (6.4) AAn improper certificate validation vulnerability [CWE-295] in FortiClientWindows 7.2.0 through 7.2.2, 7.0.0 through 7.0.11, FortiClientLinux 7.2.0, 7.0.0 through 7.0.11 and FortiClientMac 7.0.0 through 7.0.11, 7.2.0 through 7.2.4 may allow a remote and unauthenticated attacker to perform a Man-in-the-Middle attack on the communication channel between the FortiGate and the FortiClient during the ZTNA tunnel creation Published: 2024-09-10T14:37:48.066Z Updated: 2024-09-10T17:52:01.310Z Open on db.gcve.eu Reference links https://fortiguard.fortinet.com/psirt/FG-IR-22-282	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2023-45590`	vulnerable	2026-06-03 14:53:08.202537	Details available CRITICAL (9.4) An improper control of generation of code ('code injection') in Fortinet FortiClientLinux version 7.2.0, 7.0.6 through 7.0.10 and 7.0.3 through 7.0.4 allows attacker to execute unauthorized code or commands via tricking a FortiClientLinux user into visiting a malicious website Published: 2024-04-09T14:24:19.922Z Updated: 2024-08-12T17:46:37.654Z Open on db.gcve.eu Reference links https://fortiguard.com/psirt/FG-IR-23-087	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2023-37939`	vulnerable	2026-06-03 14:52:29.897141	Details available LOW (3) An exposure of sensitive information to an unauthorized actor vulnerability [CWE-200] in FortiClient for Windows 7.2.0, 7.0 all versions, 6.4 all versions, 6.2 all versions, Linux 7.2.0, 7.0 all versions, 6.4 all versions, 6.2 all versions and Mac 7.2.0 through 7.2.1, 7.0 all versions, 6.4 all versions, 6.2 all versions, may allow a local authenticated attacker with no Administrative privileges to retrieve the list of files or folders excluded from malware scanning. Published: 2023-10-10T16:50:04.463Z Updated: 2024-09-18T20:26:45.399Z Open on db.gcve.eu Reference links https://fortiguard.com/psirt/FG-IR-22-235	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.