A use of password hash with insufficient computational effort vulnerability [CWE-916] in FortiSandbox prior to 4.2.0 may allow an attacker with access to the password database to efficiently mount bulk guessing attacks to recover the passwords.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
fortinet fortisandbox 3.2.2 |
||
fortinet fortisandbox 4.0.0 |
||
fortinet fortisandbox 3.2.0 |
||
fortinet fortisandbox 3.2.1 |
||
fortinet fortisandbox 3.2.3 |
||
fortinet fortisandbox 4.0.1 |
||
fortinet fortisandbox 4.0.2 |