CVE-2021-41019
02.11.2021, 18:15
An improper validation of certificate with host mismatch [CWE-297] vulnerability in FortiOS versions 6.4.6 and below may allow the connection to a malicious LDAP server via options in GUI, leading to disclosure of sensitive information, such as AD credentials.
Vendor | Product | Version |
---|---|---|
fortinet | fortios | 6.4.0 ≤ 𝑥 ≤ 6.4.6 |

𝑥 = Vulnerable software versions
Common Weakness Enumeration