A exposure of sensitive information to an unauthorized actor in Fortinet FortiAuthenticator version 6.4.0, version 6.3.2 and below, version 6.2.1 and below, version 6.1.2 and below, version 6.0.7 to 6.0.1 allows attacker to duplicate a target LDAP user 2 factors authentication token via crafted HTTP requests.
Metrics
Affected Vendors & Products
References
Link | Providers |
---|---|
https://fortiguard.com/advisory/FG-IR-21-211 |
History
No history.
MITRE
Status: PUBLISHED
Assigner: fortinet
Published: 2021-12-08T11:22:39
Updated: 2024-08-04T03:47:13.216Z
Reserved: 2021-10-28T00:00:00
Link: CVE-2021-43067
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2021-12-08T12:15:07.933
Modified: 2021-12-09T14:41:09.607
Link: CVE-2021-43067
Redhat
No data.