Predictable Salt Vulnerability in FortiPortal Password Storing Mechanism
CVE-2021-32596 · HIGH Severity
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
A use of one-way hash with a predictable salt vulnerability in the password storing mechanism of FortiPortal 6.0.0 through 6.04 may allow an attacker already in possession of the password store to decrypt the passwords by means of precomputed tables.
Learn more about our Web Application Penetration Testing UK.