Security Advisory

CVE-2021-36171

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2022-03-01 18:05:10
Last updated 2024-10-25 13:35:25
Assigner fortinet
State PUBLISHED

Description

The use of a cryptographically weak pseudo-random number generator in the password reset feature of FortiPortal before 6.0.6 may allow a remote unauthenticated attacker to predict parts of or the whole newly generated password within a given time frame.