CVE-2015-1453

Exploit

EPSS 0.16%
Published 02.02.2015 16:59:06
Last modified 12.04.2025 10:46:40
Source cve@mitre.org
Teams watchlist Login
Open Login

The qm class in Fortinet FortiClient 5.2.3.091 for Android uses a hardcoded encryption key of FoRtInEt!AnDrOiD, which makes it easier for attackers to obtain passwords and possibly other sensitive data by leveraging the key to decrypt data in the Shared Preferences.

Affected products Warnungen 0 Metrics 2 CWE 0 References 6

Data is provided by the National Vulnerability Database (NVD)

Fortinet ≫ FortiClient SwPlatformandroid Version <= 5.2.3.091

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.16%	0.33

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	5	10	2.9	AV:N/AC:L/Au:N/C:P/I:N/A:N

http://www.securityfocus.com/bid/72383

http://seclists.org/fulldisclosure/2015/Jan/124

Exploit

http://www.security-assessment.com/files/documents/advisory/Fortinet_FortiClient_Multiple_Vulnerabilities.pdf

Exploit

https://nvd.nist.gov/vuln/detail/CVE-2015-1453

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2015-1453

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2015-1453

EUVD