CVE-2021-26091 | Teknoloji dünyasından en güncel haberleri ve güvenlikle ilgili gelişmeleri takip edin.

A use of a cryptographically weak pseudo-random number generator vulnerability in the authenticator of the Identity Based Encryption service of FortiMail 6.4.0…
High CVSS: 7.5

CVE-2021-26091

A use of a cryptographically weak pseudo-random number generator vulnerability in the authenticator of the Identity Based Encryption service of FortiMail 6.4.0 through 6.4.4, and 6.2.0 through 6.2.7 may allow an unauthenticated attacker to infer parts of users authentication tokens and reset their credentials.
Vendor
Fortinet
Product
Fortimail
CWE
CWE-338
Yayın Tarihi
2025-03-24 16:15:16
Güncelleme
2025-07-23 15:53:04
Source Identifier
psirt@fortinet.com
KEV Date Added
-

Kategoriler

CWE-338 Fortimail HIGH Fortinet 2025

Referanslar

https://fortiguard.com/advisory/FG-IR-21-031