Authentication bypass in FortiMail and FortiVoiceEntreprise

2020-04-2700:00:00

FortiGuard Labs

www.fortiguard.com

0.028 Low

EPSS

Percentile

90.7%

JSON

An improper authentication vulnerability in FortiMail and FortiVoiceEntreprise may allow a remote unauthenticated attacker to access the system as a legitimate user by requesting a password change via the user interface.

CPENameOperatorVersion
fortivoiceenterpriseeq6.0.1
fortivoiceenterpriseeq6.0.0
fortimaileq6.2.2
fortimaileq6.2.1
fortimaileq6.2.0
fortimaileq6.0.7
fortimaileq6.0.6
fortimaileq6.0.5
fortimaileq6.0.4
fortimaileq6.0.3

Name	Operator	Version
fortivoiceenterprise	eq	6.0.1
fortivoiceenterprise	eq	6.0.0
fortimail	eq	6.2.2
fortimail	eq	6.2.1
fortimail	eq	6.2.0
fortimail	eq	6.0.7
fortimail	eq	6.0.6
fortimail	eq	6.0.5
fortimail	eq	6.0.4
fortimail	eq	6.0.3

Rows per page:

1-10 of 181

0.028 Low

EPSS

Percentile

90.7%

JSON

Related for FG-IR-20-045