PSIRT Advisory

FortiWLC PAM.log authenticated user information exposure

Summary

The pam.log file generated by FortiWLC contains the credentials of authenticated users (local admin accounts and users authenticated against external servers). Users with admin privileges can read the pam.log file and therefore recover those credentials.

Description

The pam.log file generated by FortiWLC contains the credentials of authenticated users (local admin accounts and users authenticated against external servers). Users with admin privileges can read the pam.log file and therefore recover those credentials.

Impact

User credential exposure

Affected Products

FortiWLC 6.1-2-29 and below, 7.0-9-1, 7.0-10-0, 8.0-5-0, 8.1-2-0, and 8.2-4-0

Solutions

Depending on your version, apply the following patches:

Below 6.1-2-29:

Update to 7.0-10-0 or above, and apply the corresponding patch.

6.1-2-29:

meru-6.1-2-29-patch-bug0388249

7.0-9-1:

meru-7.0-9-1-patch-bug0388249

7.0-10-0:

meru-7.0-10-0-patch-bug0388249

8.0-5-0:

meru-8.0-5-0-patch-bug0388249

8.1-2-0:

meru-8.1-2-0-patch-bug0388249

8.2-4-0:

meru-8.2-4-0-patch-bug0388249
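The version-to-remediation mapping above, as an added helper for checking a fleet of controllers; this is example code written for this page, not Fortinet's, and it assumes FortiWLC versions are written as major.minor-build-revision exactly as in the advisory (versions the advisory does not name get no verdict).

```python
# Added example (not part of the Fortinet advisory): map a FortiWLC
# version string to the remediation the advisory prescribes.
import re
from typing import Optional, Tuple

# Patch names exactly as listed in the advisory, keyed by affected version.
PATCHES = {
    "6.1-2-29": "meru-6.1-2-29-patch-bug0388249",
    "7.0-9-1": "meru-7.0-9-1-patch-bug0388249",
    "7.0-10-0": "meru-7.0-10-0-patch-bug0388249",
    "8.0-5-0": "meru-8.0-5-0-patch-bug0388249",
    "8.1-2-0": "meru-8.1-2-0-patch-bug0388249",
    "8.2-4-0": "meru-8.2-4-0-patch-bug0388249",
}

# Assumed version syntax: "major.minor-build-revision", e.g. "6.1-2-29".
_VERSION_RE = re.compile(r"^(\d+)\.(\d+)-(\d+)-(\d+)$")


def parse_version(text: str) -> Tuple[int, int, int, int]:
    """Turn '6.1-2-29' into (6, 1, 2, 29) so versions compare numerically."""
    m = _VERSION_RE.match(text.strip())
    if not m:
        raise ValueError(f"unrecognised FortiWLC version: {text!r}")
    major, minor, build, rev = (int(x) for x in m.groups())
    return (major, minor, build, rev)


def remediation(version: str) -> Optional[str]:
    """Return the advisory's action for this version, or None if it is not listed."""
    v = parse_version(version)
    key = "%d.%d-%d-%d" % v  # canonical form, tolerant of surrounding whitespace
    if key in PATCHES:
        return f"apply {PATCHES[key]}"
    # "6.1-2-29 and below": anything older than the oldest patched release.
    if v < parse_version("6.1-2-29"):
        return "upgrade to 7.0-10-0 or above, then apply the corresponding patch"
    # Assumption: versions the advisory does not name get no automatic verdict.
    return None


if __name__ == "__main__":
    for ver in ("5.3-1-0", "6.1-2-29", "8.2-4-0", "8.3-0-0"):
        print(ver, "->", remediation(ver))
```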

Acknowledgement

Fortinet is pleased to thank University of Toronto for reporting this vulnerability under responsible disclosure.