Security Advisory

CVE-2021-26095

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2021-07-20 10:48:06

Last updated 2024-10-25 13:54:39

Assigner fortinet

State PUBLISHED

Description

The combination of various cryptographic issues in the session management of FortiMail 6.4.0 through 6.4.4 and 6.2.0 through 6.2.6, including the encryption construction of the session cookie, may allow a remote attacker already in possession of a cookie to possibly reveal and alter or forge its content, thereby escalating privileges.

← Browse all CVEs View on cve.org ↗