A missing cryptographic steps vulnerability in the function that encrypts users' LDAP and RADIUS credentials in FortiSandbox before 4.0.1, FortiWeb before 6.3.12, FortiADC before 6.2.1, FortiMail 7.0.1 and earlier may allow an attacker in possession of the password store to compromise the confidentiality of the encrypted secrets.
References
Link | Resource |
---|---|
https://fortiguard.com/advisory/FG-IR-20-222 | Patch Vendor Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: fortinet
Published: 2021-12-08T11:56:06
Updated: 2021-12-08T11:56:06
Reserved: 2021-05-11T00:00:00
Link: CVE-2021-32591
JSON object: View
NVD Information
Status : Analyzed
Published: 2021-12-08T12:15:07.737
Modified: 2023-08-08T14:22:24.967
Link: CVE-2021-32591
JSON object: View
Redhat Information
No data.
CWE