Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
fortinetFortiGuard LabsFG-IR-21-212
HistoryDec 07, 2021 - 12:00 a.m.

FortiAuthenticator - "Mandatory password and OTP" setting not enforcing OTP on unimported remote users

2021-12-0700:00:00
FortiGuard Labs
www.fortiguard.com
6
fortiauthenticator
mandatory password
otp
ldap
radius
authentication algorithm vulnerability
cwe-303
remote users

EPSS

0.001

Percentile

28.4%

JSON

An incorrect implementation of authentication algorithm vulnerability [CWE-303] in FortiAuthenticator may allow an user whose LDAP account is unimported to bypass the second factor of authentication via a RADIUS login portal.

Related

prion 1
cnvd 1
cve 1
nvd 1
cvelist 1
prion
prion
Authentication flaw
2021-12-09 10:15:00
cnvd
cnvd
Fortinet FortiAuthenticator Authentication Bypass Vulnerability
2021-12-12 00:00:00
cve
cve
CVE-2021-43068
2021-12-09 10:15:11
nvd
nvd
CVE-2021-43068
2021-12-09 10:15:11
cvelist
cvelist
CVE-2021-43068
2021-12-09 09:38:37

EPSS

0.001

Percentile

28.4%

JSON
Related for FG-IR-21-212
prion1cnvd1cve1nvd1cvelist1