Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
A use of a cryptographically weak pseudo-random number generator vulnerability in the authenticator of the Identity Based Encryption service of FortiMail 6.4.0 through 6.4.4, and 6.2.0 through 6.2.7 may allow an unauthenticated attacker to infer parts of users authentication tokens and reset their credentials.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Vulnerability Type
使用具有密码学弱点缺陷的PRNG
Vulnerability Title
Fortinet FortiMail 安全特征问题特征问题漏洞
Vulnerability Description
Fortinet FortiMail是美国飞塔(Fortinet)公司的一套电子邮件安全网关产品。该产品提供电子邮件安全防护和数据保护等功能。 Fortinet FortiMail 存在安全特征问题漏洞,该漏洞源于FortiMail 基于身份加密服务的身份验证器中使用了弱伪随机数生成器。攻击者可利用该漏洞推断部分用户身份验证令牌并重置他们的凭据。
CVSS Information
N/A
Vulnerability Type
N/A