Unrated severityNVD Advisory· Published Jul 18, 2022· Updated Oct 22, 2024
CVE-2021-22131
CVE-2021-22131
Description
A improper validation of certificate with host mismatch in Fortinet FortiTokenAndroid version 5.0.3 and below, Fortinet FortiTokeniOS version 5.2.0 and below, Fortinet FortiTokenWinApp version 4.0.3 and below allows attacker to retrieve information disclosed via man-in-the-middle attacks.
Affected products
4- Range: <=5.0.3
- Range: <=5.2.0
- Range: <=4.0.3
- Fortinet/Fortinet FortiTokenAndroid, Fortinet FortiTokeniOS, Fortinet FortiTokenWinAppv5Range: FortiTokenAndroid 5.0.3, 5.0.2, 4.5.0, 4.4.0, 4.3.0, 4.2.2, 4.2.1, 4.1.1, 4.0.1, 4.0.0, 3.0.4, 3.0.3, 3.0.2, 3.0.1, 3.0.0, 0.4.20, 0.4.10, FortiTokeniOS 5.2.0, 4.3.0, 4.2.0, 4.1.1, 3.0.5, 3.0.4, 3.0.3, 3.0.2, 3.0.1, FortiTokenWinApp 4.0.3, 3.0.1, 3.0.0
Patches
Vulnerability mechanics
References
1- fortiguard.com/advisory/FG-IR-21-024mitrex_refsource_CONFIRM
News mentions
0No linked articles in our index yet.