Remote Authentication Cookie Disclosure in Fortinet FortiWan (formerly AscernLink) before 4.2.5
CVE-2016-4968 · MEDIUM Severity
AV:N/AC:L/AU:S/C:P/I:N/A:N
The linkreport/tmp/admin_global page in Fortinet FortiWan (formerly AscernLink) before 4.2.5 allows remote authenticated users to discover administrator cookies via a GET request.
Learn more about our Cis Benchmark Audit For Fortinet.