A use of password hash with insufficient computational effort vulnerability [CWE-916] affecting FortiOS version 7.4.3 and below, 7.2 all versions, 7.0 all versions, 6.4 all versions and FortiProxy version 7.4.2 and below, 7.2 all versions, 7.0 all versions, 2.0 all versions may allow a privileged attacker with super-admin profile and CLI access to decrypting the backup file.
Metrics
Affected Vendors & Products
References
Link | Providers |
---|---|
https://fortiguard.fortinet.com/psirt/FG-IR-23-423 |
History
Fri, 04 Oct 2024 14:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Fortinet
Fortinet fortios Fortinet fortiproxy |
|
CPEs | cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:* |
|
Vendors & Products |
Fortinet
Fortinet fortios Fortinet fortiproxy |
MITRE
Status: PUBLISHED
Assigner: fortinet
Published: 2024-06-11T14:32:01.335Z
Updated: 2024-08-01T22:27:36.270Z
Reserved: 2024-01-02T10:15:00.526Z
Link: CVE-2024-21754
Vulnrichment
Updated: 2024-08-01T22:27:36.270Z
NVD
Status : Analyzed
Published: 2024-06-11T15:16:03.433
Modified: 2024-10-04T14:13:31.877
Link: CVE-2024-21754
Redhat
No data.