Insufficient Computational Effort Vulnerability in FortiSandbox [CWE-916]: Efficient Bulk Password Guessing
CVE-2022-26115 · HIGH Severity
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
A use of password hash with insufficient computational effort vulnerability [CWE-916] in FortiSandbox before 4.2.0 may allow an attacker with access to the password database to efficiently mount bulk guessing attacks to recover the passwords.
Learn more about our Web Application Penetration Testing UK.