CVE-2021-32596 - OpenCVE

A use of one-way hash with a predictable salt vulnerability in the password storing mechanism of FortiPortal 6.0.0 through 6.04 may allow an attacker already in possession of the password store to decrypt the passwords by means of precomputed tables.

No CVSS v4.0

Attack Vector Local

Attack Complexity Low

Privileges Required High

Scope Changed

Confidentiality Impact High

Integrity Impact None

Availability Impact None

User Interaction None

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact None

Availability Impact None

AV:N/AC:L/Au:N/C:P/I:N/A:N

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Fortinet	Fortiportal

Configuration 1 [-]

cpe:2.3:a:fortinet:fortiportal:*:*:*:*:*:*:*:*

No data.

References

Link	Providers
https://fortiguard.com/advisory/FG-IR-21-094

History

No history.

MITRE

Status: PUBLISHED

Assigner: fortinet

Published: 2021-08-04T15:35:29

Updated: 2024-08-03T23:25:30.563Z

Reserved: 2021-05-11T00:00:00

Link: CVE-2021-32596

Vulnrichment

No data.

NVD

Status : Analyzed

Published: 2021-08-04T16:15:08.353

Modified: 2021-08-10T23:36:57.073

Link: CVE-2021-32596

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "Fortinet FortiPortal", "vendor": "Fortinet", "versions": [{"status": "affected", "version": "FortiPortal 6.0.4, 6.0.3, 6.0.2, 6.0.1, 6.0.0"}]}], "descriptions": [{"lang": "en", "value": "A use of one-way hash with a predictable salt vulnerability in the password storing mechanism of FortiPortal 6.0.0 through 6.04 may allow an attacker already in possession of the password store to decrypt the passwords by means of precomputed tables."}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 6, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "exploitCodeMaturity": "PROOF_OF_CONCEPT", "integrityImpact": "NONE", "privilegesRequired": "HIGH", "remediationLevel": "WORKAROUND", "reportConfidence": "CONFIRMED", "scope": "CHANGED", "temporalScore": 5.5, "temporalSeverity": "MEDIUM", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N/E:P/RL:W/RC:C", "version": "3.1"}}], "problemTypes": [{"descriptions": [{"description": "Information disclosure", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2021-08-04T15:35:29", "orgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8", "shortName": "fortinet"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "https://fortiguard.com/advisory/FG-IR-21-094"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "psirt@fortinet.com", "ID": "CVE-2021-32596", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Fortinet FortiPortal", "version": {"version_data": [{"version_value": "FortiPortal 6.0.4, 6.0.3, 6.0.2, 6.0.1, 6.0.0"}]}}]}, "vendor_name": "Fortinet"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "A use of one-way hash with a predictable salt vulnerability in the password storing mechanism of FortiPortal 6.0.0 through 6.04 may allow an attacker already in possession of the password store to decrypt the passwords by means of precomputed tables."}]}, "impact": {"cvss": {"attackComplexity": "Low", "attackVector": "Local", "availabilityImpact": "None", "baseScore": 5.5, "baseSeverity": "Medium", "confidentialityImpact": "High", "integrityImpact": "None", "privilegesRequired": "High", "scope": "Changed", "userInteraction": "None", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N/E:P/RL:W/RC:C", "version": "3.1"}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "Information disclosure"}]}]}, "references": {"reference_data": [{"name": "https://fortiguard.com/advisory/FG-IR-21-094", "refsource": "CONFIRM", "url": "https://fortiguard.com/advisory/FG-IR-21-094"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-03T23:25:30.563Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://fortiguard.com/advisory/FG-IR-21-094"}]}]}, "cveMetadata": {"assignerOrgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8", "assignerShortName": "fortinet", "cveId": "CVE-2021-32596", "datePublished": "2021-08-04T15:35:29", "dateReserved": "2021-05-11T00:00:00", "dateUpdated": "2024-08-03T23:25:30.563Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:fortinet:fortiportal:*:*:*:*:*:*:*:*", "matchCriteriaId": "1B2739E2-5E22-4856-B515-9EFAC0D80999", "versionEndIncluding": "6.0.4", "versionStartIncluding": "6.0.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "A use of one-way hash with a predictable salt vulnerability in the password storing mechanism of FortiPortal 6.0.0 through 6.04 may allow an attacker already in possession of the password store to decrypt the passwords by means of precomputed tables."}, {"lang": "es", "value": "Una vulnerabilidad en el uso de hash unidireccional con una salt predecible en el mecanismo de almacenamiento de contrase\u00f1as de FortiPortal versiones 6.0.0 hasta 6.04, puede permitir a un atacante que ya est\u00e9 en posesi\u00f3n del almac\u00e9n de contrase\u00f1as descifrar las contrase\u00f1as mediante tablas precalculadas"}], "id": "CVE-2021-32596", "lastModified": "2021-08-10T23:36:57.073", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 6.0, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "HIGH", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 1.5, "impactScore": 4.0, "source": "psirt@fortinet.com", "type": "Secondary"}]}, "published": "2021-08-04T16:15:08.353", "references": [{"source": "psirt@fortinet.com", "tags": ["Vendor Advisory"], "url": "https://fortiguard.com/advisory/FG-IR-21-094"}], "sourceIdentifier": "psirt@fortinet.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-916"}], "source": "nvd@nist.gov", "type": "Primary"}]}