VYPR
Unrated severityNVD Advisory· Published Jul 6, 2021· Updated Oct 25, 2024

CVE-2021-24005

CVE-2021-24005

Description

Usage of hard-coded cryptographic keys to encrypt configuration files and debug logs in FortiAuthenticator versions before 6.3.0 may allow an attacker with access to the files or the CLI configuration to decrypt the sensitive data, via knowledge of the hard-coded key.

Affected products

2
  • Fortinet/Fortiauthenticatorllm-fuzzy2 versions
    <6.3.0+ 1 more
    • (no CPE)range: <6.3.0
    • (no CPE)range: FortiAuthenticator versions before 6.3.0.

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.