Description
A insertion of sensitive information into log file in Fortinet FortiDLP 12.0.0 through 12.0.5, 11.5.1, 11.4.6, 11.4.5 allows attacker to information disclosure via re-using the enrollment code.
Scores
CVSS v3
4.4
EPSS
0.0002
EPSS Percentile
5.3%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
no
Technical Impact
partial
Details
CWE
CWE-532
Status
published
Products (1)
fortinet/fortidlp_agent
11.4.5 - 12.0.5
Published
Oct 16, 2025
Tracked Since
Feb 18, 2026