Exploit for #VU27367 Weak Password Recovery Mechanism for Forgotten Password in Fortinet FortiMail and FortiVoice
Vulnerability identifier: #VU27367
Vulnerability risk: High
CVSSv3.1: 7.6 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N/E:F/RL:O/RC:C]
CVE-ID:
CWE-ID:
CWE-640
Exploitation vector: Network
Exploits in database: 1
- July 12, 2020
- FortiMail Unauthenticated Login Bypass Scanner [Metasploit]
Impact: Information disclosure and data manipulation
Vulnerable software:
Fortinet FortiMail
Server applications /
IDS/IPS systems, Firewalls and proxy servers
FortiVoice
Server applications /
Conferencing, Collaboration and VoIP solutions
Vendor: Fortinet, Inc
