A missing cryptographic steps vulnerability in the function that encrypts users' LDAP and RADIUS credentials in FortiSandbox before 4.0.1, FortiWeb before 6.3.12, FortiADC before 6.2.1, FortiMail 7.0.1 and earlier may allow an attacker in possession of the password store to compromise the confidentiality of the encrypted secrets.
Metrics
Affected Vendors & Products
References
Link | Providers |
---|---|
https://fortiguard.com/advisory/FG-IR-20-222 |
History
Fri, 25 Oct 2024 14:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
ssvc
|
MITRE
Status: PUBLISHED
Assigner: fortinet
Published: 2021-12-08T11:56:06
Updated: 2024-10-25T13:41:32.379Z
Reserved: 2021-05-11T00:00:00
Link: CVE-2021-32591
Vulnrichment
Updated: 2024-08-03T23:25:30.573Z
NVD
Status : Analyzed
Published: 2021-12-08T12:15:07.737
Modified: 2023-08-08T14:22:24.967
Link: CVE-2021-32591
Redhat
No data.