An instance of small space of random values in FortiSandbox RPC API may allow an attacker in possession of a few information pieces about the state of the device to possibly predict valid session IDs.
CPE | Name | Operator | Version |
---|---|---|---|
fortisandbox | eq | 3.2.2 | |
fortisandbox | eq | 3.2.1 | |
fortisandbox | eq | 3.2.0 |