Predictable Salt Vulnerability in FortiWAN before 4.5.9

Predictable Salt Vulnerability in FortiWAN before 4.5.9

CVE-2021-26113 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

A use of a one-way hash with a predictable salt vulnerability [CWE-760] in FortiWAN before 4.5.9 may allow an attacker who has previously come in possession of the password file to potentially guess passwords therein stored.

Learn more about our Web Application Penetration Testing UK.