Lucene search
FortinetCVELIST:CVE-2021-26108HistoryDec 08, 2021 - 12:16 p.m.
CVE-2021-26108
2021-12-0812:16:03
fortinet
www.cve.org
3
vulnerability
sslvpn
fortios
CVSS3
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:F/RL:U/RC:C
EPSS
0.002
Percentile
54.4%
A use of hard-coded cryptographic key vulnerability in the SSLVPN of FortiOS before 7.0.1 may allow an attacker to retrieve the key by reverse engineering.
CNA Affected
[
{
"product": "Fortinet FortiOS",
"vendor": "Fortinet",
"versions": [
{
"status": "affected",
"version": "FortiOS before 7.0.1"
}
]
}
]References
Related
cve
cve
CVE-2021-26108
2021-12-08 13:15:07
nessus
nessus
Fortinet FortiOS Hard-Coded Cryptographic Key (FG-IR-21-051)
2022-01-14 00:00:00
fortinet
fortinet
Protect
2021-12-07 00:00:00
cnvd
cnvd
Fortinet FortiOS Trust Management Issue Vulnerability (CNVD-2021-100290)
2021-12-09 00:00:00
nvd
nvd
CVE-2021-26108
2021-12-08 13:15:07
prion
prion
Hardcoded credentials
2021-12-08 13:15:00
CVSS3
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:F/RL:U/RC:C
EPSS
0.002
Percentile
54.4%
Related for CVELIST:CVE-2021-26108