Security Advisory

CVE-2021-26091

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-03-24 15:37:58

Last updated 2025-03-31 18:11:58

Assigner fortinet

State PUBLISHED

Description

A use of a cryptographically weak pseudo-random number generator vulnerability in the authenticator of the Identity Based Encryption service of FortiMail 6.4.0 through 6.4.4, and 6.2.0 through 6.2.7 may allow an unauthenticated attacker to infer parts of users authentication tokens and reset their credentials.

← Browse all CVEs View on cve.org ↗