Unrated severityNVD Advisory· Published Jul 6, 2021· Updated Oct 25, 2024
CVE-2021-24005
CVE-2021-24005
Description
Usage of hard-coded cryptographic keys to encrypt configuration files and debug logs in FortiAuthenticator versions before 6.3.0 may allow an attacker with access to the files or the CLI configuration to decrypt the sensitive data, via knowledge of the hard-coded key.
Affected products
2<6.3.0+ 1 more
- (no CPE)range: <6.3.0
- (no CPE)range: FortiAuthenticator versions before 6.3.0.
Patches
Vulnerability mechanics
References
1- fortiguard.com/psirt/FG-IR-20-049mitrex_refsource_CONFIRM
News mentions
0No linked articles in our index yet.