Search
Total
3 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-43068 | 1 Fortinet | 1 Fortiauthenticator | 2021-12-10 | 5.5 MEDIUM | 8.1 HIGH |
| A improper authentication in Fortinet FortiAuthenticator version 6.4.0 allows user to bypass the second factor of authentication via a RADIUS login portal. | |||||
| CVE-2021-22124 | 1 Fortinet | 2 Fortiauthenticator, Fortisandbox | 2021-08-12 | 7.8 HIGH | 7.5 HIGH |
| An uncontrolled resource consumption (denial of service) vulnerability in the login modules of FortiSandbox 3.2.0 through 3.2.2, 3.1.0 through 3.1.4, and 3.0.0 through 3.0.6; and FortiAuthenticator before 6.0.6 may allow an unauthenticated attacker to bring the device into an unresponsive state via specifically-crafted long request parameters. | |||||
| CVE-2021-24005 | 1 Fortinet | 1 Fortiauthenticator | 2021-07-08 | 5.0 MEDIUM | 7.5 HIGH |
| Usage of hard-coded cryptographic keys to encrypt configuration files and debug logs in FortiAuthenticator versions before 6.3.0 may allow an attacker with access to the files or the CLI configuration to decrypt the sensitive data, via knowledge of the hard-coded key. | |||||