Fortimail@6.2.7 Security Vulnerabilities and Issues — Fortimail@6.2.7 CVE List

Lucene search

FortinetFortimail6.2.7

3 matches found

CVE•added 2021/07/09 7:15 p.m.•73 views

CVE-2021-24020

A missing cryptographic step in the implementation of the hash digest algorithm in FortiMail 6.4.0 through 6.4.4, and 6.2.0 through 6.2.7 may allow an unauthenticated attacker to tamper with signed URLs by appending further data which allows bypass of signature verification.

9.8CVSS9.4AI score0.00171EPSS

CVE•added 2021/12/08 11:15 a.m.•64 views

CVE-2021-42757

A buffer overflow [CWE-121] in the TFTP client library of FortiOS before 6.4.7 and FortiOS 7.0.0 through 7.0.2, may allow an authenticated local attacker to achieve arbitrary code execution via specially crafted command line arguments.

6.7CVSS6.9AI score0.00082EPSS

CVE•added 2021/12/08 12:15 p.m.•52 views

CVE-2021-32591

A missing cryptographic steps vulnerability in the function that encrypts users' LDAP and RADIUS credentials in FortiSandbox before 4.0.1, FortiWeb before 6.3.12, FortiADC before 6.2.1, FortiMail 7.0.1 and earlier may allow an attacker in possession of the password store to compromise the confident...

5.3CVSS5.2AI score0.00167EPSS