25 matches found
Post-Quantum Identity-Based TLS for 5G Service-Based Architecture and Cloud-Native Infrastructure
Cloud-native application platforms and latency-sensitive systems such as 5G Core networks rely heavily on certificate-based Public Key Infrastructure PKI and mutual TLS to secure service-to-service communication. While effective, this model introduces significant operational and performance...
EUVD-2021-12921
Malware in sbrugna...
EUVD-2021-12920
Malware in sbrugna...
CVE-2021-26100
A missing cryptographic step in the Identity-Based Encryption service of FortiMail before 7.0.0 may allow an unauthenticated attacker who intercepts the encrypted messages to manipulate them in such a way that makes the tampering and the recovery of the plaintexts possible...
CVE-2013-1471
Multiple cross-site scripting XSS vulnerabilities in admin/FEAdmin.html in Fortinet FortiMail before 4.3.4 on FortiMail Identity-Based Encryption IBE appliances allow user-assisted remote attackers to inject arbitrary web script or HTML via 1 the Add field for the Black List under Antispam...
CVE-2021-26091
A use of a cryptographically weak pseudo-random number generator vulnerability in the authenticator of the Identity Based Encryption service of FortiMail 6.4.0 through 6.4.4, and 6.2.0 through 6.2.7 may allow an unauthenticated attacker to infer parts of users authentication tokens and reset thei...
The vulnerability of the FortiMail IBE (Identity-Based Encryption) service of the FortiMail email protection system allows a perpetrator to bypass the cryptographic encryption mechanisms and gain unauthorized access to protected information.
The vulnerability of the FortiMail IBE Identity-Based Encryption service of the FortiMail email protection system is related to the use of cryptographic algorithms that contain vulnerabilities. Exploiting this vulnerability could allow an attacker to bypass the cryptographic encryption mechanisms...
The vulnerability of the FortiMail IBE (Identity-Based Encryption) service of the FortiMail email protection system allows a perpetrator to gain unauthorized access to protected information.
The vulnerability of FortiMail IBE’s Identity-Based Encryption service in the email protection system is related to errors in the code of the pseudorandom number generator. Exploiting this vulnerability could allow an attacker operating remotely to gain unauthorized access to protected informatio...
The vulnerability of the FortiMail IBE (Identity-Based Encryption) service of the FortiMail email protection system allows a perpetrator to gain unauthorized access to protected information.
The vulnerability of the FortiMail IBE Identity-Based Encryption service of the FortiMail email protection system lies in the lack of encryption measures for protected data. Exploiting this vulnerability could allow an attacker operating remotely to gain unauthorized access to protected informati...
CVE-2021-26099
Missing cryptographic steps in the Identity-Based Encryption service of FortiMail before 7.0.0 may allow an attacker who comes in possession of the encrypted master keys to compromise their confidentiality by observing a few invariant properties of the ciphertext...
CVE-2021-26099
Missing cryptographic steps in the Identity-Based Encryption service of FortiMail before 7.0.0 may allow an attacker who comes in possession of the encrypted master keys to compromise their confidentiality by observing a few invariant properties of the ciphertext...
Design/Logic Flaw
Missing cryptographic steps in the Identity-Based Encryption service of FortiMail before 7.0.0 may allow an attacker who comes in possession of the encrypted master keys to compromise their confidentiality by observing a few invariant properties of the ciphertext...
CVE-2021-26099
Missing cryptographic steps in the Identity-Based Encryption service of FortiMail before 7.0.0 may allow an attacker who comes in possession of the encrypted master keys to compromise their confidentiality by observing a few invariant properties of the ciphertext...
CVE-2021-26099
CVE-2021-26099 affects FortiMail prior to 7.0.0. The FortiMail Identity-Based Encryption (IBE) KeyStore omits necessary cryptographic steps, allowing an attacker who possesses the encrypted master keys to infer plaintext-related properties by observing invariant ciphertext properties. Impact is l...
CVE-2021-26099
Missing cryptographic steps in the Identity-Based Encryption service of FortiMail before 7.0.0 may allow an attacker who comes in possession of the encrypted master keys to compromise their confidentiality by observing a few invariant properties of the ciphertext...
Fortinet FortiMail 安全漏洞
Fortinet FortiMail is a set of e-mail security gateway products of the U.S. Fita Fortinet. The product provides email security and data protection features. A security vulnerability exists in FortiMail prior to 7.0.0, which stems from the lack of an encryption step in the Identity-Based Encryptio...
CVE-2021-26100
A missing cryptographic step in the Identity-Based Encryption service of FortiMail before 7.0.0 may allow an unauthenticated attacker who intercepts the encrypted messages to manipulate them in such a way that makes the tampering and the recovery of the plaintexts possible...
CVE-2021-26100
A missing cryptographic step in the Identity-Based Encryption service of FortiMail before 7.0.0 may allow an unauthenticated attacker who intercepts the encrypted messages to manipulate them in such a way that makes the tampering and the recovery of the plaintexts possible...
Design/Logic Flaw
A missing cryptographic step in the Identity-Based Encryption service of FortiMail before 7.0.0 may allow an unauthenticated attacker who intercepts the encrypted messages to manipulate them in such a way that makes the tampering and the recovery of the plaintexts possible...
CVE-2021-26100
CVE-2021-26100 affects Fortinet FortiMail’s Identity-Based Encryption (IBE) service prior to version 7.0.0. The issue is a missing cryptographic step that can allow an unauthenticated attacker who intercepts encrypted messages to tamper with them and recover plaintexts. Fortinet’s PSIRT advisory ...