VYPR
Unrated severityNVD Advisory· Published Mar 1, 2022· Updated Oct 25, 2024

CVE-2021-36171

CVE-2021-36171

Description

The use of a cryptographically weak pseudo-random number generator in the password reset feature of FortiPortal before 6.0.6 may allow a remote unauthenticated attacker to predict parts of or the whole newly generated password within a given time frame.

Affected products

2
  • Fortinet/Fortiportalllm-fuzzy2 versions
    <6.0.6+ 1 more
    • (no CPE)range: <6.0.6
    • (no CPE)range: FortiPortal before 6.0.6

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.

CVE-2021-36171 · VYPR