VYPR
Unrated severityNVD Advisory· Published Jul 18, 2022· Updated Oct 22, 2024

CVE-2021-22131

CVE-2021-22131

Description

A improper validation of certificate with host mismatch in Fortinet FortiTokenAndroid version 5.0.3 and below, Fortinet FortiTokeniOS version 5.2.0 and below, Fortinet FortiTokenWinApp version 4.0.3 and below allows attacker to retrieve information disclosed via man-in-the-middle attacks.

Affected products

4
  • Range: <=5.0.3
  • Range: <=5.2.0
  • Range: <=4.0.3
  • Fortinet/Fortinet FortiTokenAndroid, Fortinet FortiTokeniOS, Fortinet FortiTokenWinAppv5
    Range: FortiTokenAndroid 5.0.3, 5.0.2, 4.5.0, 4.4.0, 4.3.0, 4.2.2, 4.2.1, 4.1.1, 4.0.1, 4.0.0, 3.0.4, 3.0.3, 3.0.2, 3.0.1, 3.0.0, 0.4.20, 0.4.10, FortiTokeniOS 5.2.0, 4.3.0, 4.2.0, 4.1.1, 3.0.5, 3.0.4, 3.0.3, 3.0.2, 3.0.1, FortiTokenWinApp 4.0.3, 3.0.1, 3.0.0

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.