CVE-2021-26100
published 2021-07-09CVE-2021-26100: A missing cryptographic step in the Identity-Based Encryption service of FortiMail before 7.0.0 may allow an unauthenticated attacker who intercepts the…
high7.5CVSS 3.1
AVNACLPRNUINSUCHINAN
A missing cryptographic step in the Identity-Based Encryption service of FortiMail before 7.0.0 may allow an unauthenticated attacker who intercepts the encrypted messages to manipulate them in such a way that makes the tampering and the recovery of the plaintexts possible.
Affected
3 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| fortinet | fortimail | < 7.0.0 | 7.0.0 |
| fortinet | fortimail | — | — |
| fortinet | fortinet_fortimail | — | — |