CVE-2020-12812CISA KEV: Actively Exploited

Fortinet FortiOS SSL VPN Improper Authentication Vulnerability

Published Nov 3, 2021·Updated Nov 3, 2021

Description

Fortinet FortiOS SSL VPN contains an improper authentication vulnerability that may allow a user to login successfully without being prompted for the second factor of authentication (FortiToken) if they change the case in their username.

References

View on NVD Search GitHub Search Google

Get alerted for CVEs like this

Register your stack and get notified within minutes when a matching CVE drops.

Start monitoring free