CVE-2021-26113

High

A use of a one-way hash with a predictable salt vulnerability [CWE-760] in FortiWAN before 4.5.9 may allow an attacker who has previously…

fortinet·CWE-916·Published 2022-04-06

CVSS

7.5

EPSS

0.00

KEV

Exploits

cve.orgen

224 chars

A use of a one-way hash with a predictable salt vulnerability [CWE-760] in FortiWAN before 4.5.9 may allow an attacker who has previously come in possession of the password file to potentially guess passwords therein stored.

NVDen

224 chars

NVDes

277 chars

El uso de un hash unidireccional con una vulnerabilidad salt predecible [CWE-760] en FortiWAN versiones anteriores a 4.5.9, puede permitir a un atacante que haya entrado previamente en posesión del archivo de contraseñas adivinar potencialmente las contraseñas allí almacenadas

CVSS metrics across sources

Version	Type	Source	Base	Exp	Impact	Vector
2.0	Primary	NVD	5.0	10.0	2.9	AV:N/AC:L/Au:N/C:P/I:N/A:N
3.1	Primary	NVD	7.5	3.9	3.6	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N