22 matches found
Post-Quantum Identity-Based TLS for 5G Service-Based Architecture and Cloud-Native Infrastructure
Cloud-native application platforms and latency-sensitive systems such as 5G Core networks rely heavily on certificate-based Public Key Infrastructure PKI and mutual TLS to secure service-to-service communication. While effective, this model introduces significant operational and performance...
EUVD-2021-12921
Malware in sbrugna...
EUVD-2021-12920
Malware in sbrugna...
CVE-2021-26100
A missing cryptographic step in the Identity-Based Encryption service of FortiMail before 7.0.0 may allow an unauthenticated attacker who intercepts the encrypted messages to manipulate them in such a way that makes the tampering and the recovery of the plaintexts possible...
CVE-2013-1471
Multiple cross-site scripting XSS vulnerabilities in admin/FEAdmin.html in Fortinet FortiMail before 4.3.4 on FortiMail Identity-Based Encryption IBE appliances allow user-assisted remote attackers to inject arbitrary web script or HTML via 1 the Add field for the Black List under Antispam...
CVE-2021-26091
A use of a cryptographically weak pseudo-random number generator vulnerability in the authenticator of the Identity Based Encryption service of FortiMail 6.4.0 through 6.4.4, and 6.2.0 through 6.2.7 may allow an unauthenticated attacker to infer parts of users authentication tokens and reset thei...
CVE-2021-26099
Missing cryptographic steps in the Identity-Based Encryption service of FortiMail before 7.0.0 may allow an attacker who comes in possession of the encrypted master keys to compromise their confidentiality by observing a few invariant properties of the ciphertext...
CVE-2021-26099
Missing cryptographic steps in the Identity-Based Encryption service of FortiMail before 7.0.0 may allow an attacker who comes in possession of the encrypted master keys to compromise their confidentiality by observing a few invariant properties of the ciphertext...
Design/Logic Flaw
Missing cryptographic steps in the Identity-Based Encryption service of FortiMail before 7.0.0 may allow an attacker who comes in possession of the encrypted master keys to compromise their confidentiality by observing a few invariant properties of the ciphertext...
CVE-2021-26099
Missing cryptographic steps in the Identity-Based Encryption service of FortiMail before 7.0.0 may allow an attacker who comes in possession of the encrypted master keys to compromise their confidentiality by observing a few invariant properties of the ciphertext...
CVE-2021-26099
Missing cryptographic steps in the Identity-Based Encryption service of FortiMail before 7.0.0 may allow an attacker who comes in possession of the encrypted master keys to compromise their confidentiality by observing a few invariant properties of the ciphertext...
CVE-2021-26099
CVE-2021-26099 affects FortiMail prior to 7.0.0. The FortiMail Identity-Based Encryption (IBE) KeyStore omits necessary cryptographic steps, allowing an attacker who possesses the encrypted master keys to infer plaintext-related properties by observing invariant ciphertext properties. Impact is l...
Fortinet FortiMail 安全漏洞
Fortinet FortiMail is a set of e-mail security gateway products of the U.S. Fita Fortinet. The product provides email security and data protection features. A security vulnerability exists in FortiMail prior to 7.0.0, which stems from the lack of an encryption step in the Identity-Based Encryptio...
CVE-2021-26100
A missing cryptographic step in the Identity-Based Encryption service of FortiMail before 7.0.0 may allow an unauthenticated attacker who intercepts the encrypted messages to manipulate them in such a way that makes the tampering and the recovery of the plaintexts possible...
CVE-2021-26100
A missing cryptographic step in the Identity-Based Encryption service of FortiMail before 7.0.0 may allow an unauthenticated attacker who intercepts the encrypted messages to manipulate them in such a way that makes the tampering and the recovery of the plaintexts possible...
Design/Logic Flaw
A missing cryptographic step in the Identity-Based Encryption service of FortiMail before 7.0.0 may allow an unauthenticated attacker who intercepts the encrypted messages to manipulate them in such a way that makes the tampering and the recovery of the plaintexts possible...
CVE-2021-26100
A missing cryptographic step in the Identity-Based Encryption service of FortiMail before 7.0.0 may allow an unauthenticated attacker who intercepts the encrypted messages to manipulate them in such a way that makes the tampering and the recovery of the plaintexts possible...
CVE-2021-26100
A missing cryptographic step in the Identity-Based Encryption service of FortiMail before 7.0.0 may allow an unauthenticated attacker who intercepts the encrypted messages to manipulate them in such a way that makes the tampering and the recovery of the plaintexts possible...
CVE-2021-26100
CVE-2021-26100 affects Fortinet FortiMail’s Identity-Based Encryption (IBE) service prior to version 7.0.0. The issue is a missing cryptographic step that can allow an unauthenticated attacker who intercepts encrypted messages to tamper with them and recover plaintexts. Fortinet’s PSIRT advisory ...
PT-2021-3853 · Fortinet · Fortimail
Name of the Vulnerable Software and Affected Versions: FortiMail versions prior to 7.0.0 Description: The issue is related to missing cryptographic steps in the Identity-Based Encryption service of FortiMail, which may allow an attacker to compromise the confidentiality of encrypted master keys b...