Unrated severityNVD Advisory· Published Jul 9, 2021· Updated Oct 25, 2024
CVE-2021-24020
CVE-2021-24020
Description
A missing cryptographic step in the implementation of the hash digest algorithm in FortiMail 6.4.0 through 6.4.4, and 6.2.0 through 6.2.7 may allow an unauthenticated attacker to tamper with signed URLs by appending further data which allows bypass of signature verification.
Affected products
2Patches
Vulnerability mechanics
References
1- fortiguard.com/advisory/FG-IR-21-027mitrex_refsource_CONFIRM
News mentions
0No linked articles in our index yet.