CVE-2021-26113

CWE-9164 documents4 sources
Severity
7.5HIGH
EPSS
0.1%
top 72.35%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Fortinet FortiwanFortinet Fortinet Fortiwan
Timeline
PublishedApr 6
Latest updateApr 7

Description

A use of a one-way hash with a predictable salt vulnerability [CWE-760] in FortiWAN before 4.5.9 may allow an attacker who has previously come in possession of the password file to potentially guess passwords therein stored.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:NExploitability: 2.5 | Impact: 3.6

Affected Packages2 packages

NVDfortinet/fortiwan< 4.5.9
CVEListV5fortinet/fortinet_fortiwanFortiWAN before 4.5.9

🔴Vulnerability Details

2
GHSA
GHSA-wq69-vpq9-x8vq: A use of a one-way hash with a predictable salt vulnerability [CWE-760] in FortiWAN before 42022-04-07
CVEList
CVE-2021-26113: A use of a one-way hash with a predictable salt vulnerability [CWE-760] in FortiWAN before 42022-04-06

📋Vendor Advisories

1
Fortinet
A use of a one-way hash with a predictable salt vulnerability [CWE-760] in FortiWAN before 4.5.9 may allow an attacker w...2022-04-06
CVE-2021-26113 (HIGH CVSS 7.5) | A use of a one-way hash with a pred | cvebase.io