← back
CVE-2021-43067

CVE-2021-43067

CVSS 8.3 HIGHEPSS 1.1%
A exposure of sensitive information to an unauthorized actor in Fortinet FortiAuthenticator version 6.4.0, version 6.3.2 and below, version 6.2.1 and below, version 6.1.2 and below, version 6.0.7 to 6.0.1 allows attacker to duplicate a target LDAP user 2 factors authentication token via crafted HTTP requests.
CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:L/E:P/RL:X/RC:X
Affected products
Fortinet · Fortinet FortiAuthenticator

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://fortiguard.com/advisory/FG-IR-21-211