Lucene search
FortiGuard LabsFG-IR-21-074HistoryNov 02, 2021 - 12:00 a.m.
Protect
2021-11-0200:00:00
FortiGuard Labs
www.fortiguard.com
20
fortios
certificate validation
cwe-297
ldap
gui
sensitive information
ad credentials
vulnerability
EPSS
0.001
Percentile
43.8%
An improper validation of certificate with host mismatch [CWE-297] vulnerability in FortiOS may allow the connection to a malicious LDAP server via options in GUI, leading to disclosure of sensitive information, such as AD credentials.
Related
cve
cve
CVE-2021-41019
2021-11-02 18:15:08
cvelist
cvelist
CVE-2021-41019
2021-11-02 17:41:08
nvd
nvd
CVE-2021-41019
2021-11-02 18:15:08
prion
prion
Input validation
2021-11-02 18:15:00