Lucene search
FortiGuard LabsFG-IR-20-218HistoryAug 03, 2021 - 12:00 a.m.
FortiSandbox - Predictable session IDs of JSON API
2021-08-0300:00:00
FortiGuard Labs
www.fortiguard.com
10
0.002 Low
EPSS
Percentile
53.8%
An instance of small space of random values in FortiSandbox RPC API may allow an attacker in possession of a few information pieces about the state of the device to possibly predict valid session IDs.
| CPE | Name | Operator | Version |
|---|---|---|---|
| fortisandbox | eq | 3.2.2 | |
| fortisandbox | eq | 3.2.1 | |
| fortisandbox | eq | 3.2.0 |
Related
cve
cve
CVE-2021-26098
2021-08-04 14:15:08
nvd
nvd
CVE-2021-26098
2021-08-04 14:15:08
prion
prion
Design/Logic Flaw
2021-08-04 14:15:00
cvelist
cvelist
CVE-2021-26098
2021-08-04 13:20:48