ГлавнаяУязвимости → CVE-2021-26091
7.5высокая

CVE-2021-26091

Описание

A use of a cryptographically weak pseudo-random number generator vulnerability in the authenticator of the Identity Based Encryption service of FortiMail 6.4.0 through 6.4.4, and 6.2.0 through 6.2.7 may allow an unauthenticated attacker to infer parts of users authentication tokens and reset their credentials.

Затрагиваемое ПО
Fortinet Fortimail
CVSS
Балл7.5 — высокая
ВекторCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Источники
https://fortiguard.com/advisory/FG-IR-21-031