Unrated severityNVD Advisory· Published Mar 1, 2022· Updated Oct 25, 2024
CVE-2021-36171
CVE-2021-36171
Description
The use of a cryptographically weak pseudo-random number generator in the password reset feature of FortiPortal before 6.0.6 may allow a remote unauthenticated attacker to predict parts of or the whole newly generated password within a given time frame.
Affected products
2<6.0.6+ 1 more
- (no CPE)range: <6.0.6
- (no CPE)range: FortiPortal before 6.0.6
Patches
Vulnerability mechanics
References
1- fortiguard.com/psirt/FG-IR-21-099mitrex_refsource_CONFIRM
News mentions
0No linked articles in our index yet.