CVE-2021-24005

Usage of hard-coded cryptographic keys to encrypt configuration files and debug logs in FortiAuthenticator versions before 6.3.0 may allow an attacker with access to the files or the CLI configuration to decrypt the sensitive data, via knowledge of the hard-coded key.
References
Link Resource
https://fortiguard.com/psirt/FG-IR-20-049 Vendor Advisory
Configurations

Configuration 1

cpe:2.3:a:fortinet:fortiauthenticator:*:*:*:*:*:*:*:*

Information

Published : 2021-07-06 11:15

Updated : 2021-07-08 05:36


NVD link : CVE-2021-24005

Mitre link : CVE-2021-24005

Products Affected
No products.
CWE