all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Weak key derivation for backup file

Add to bookmarks
June 11, 2024, 7 a.m. |

FortiGuard Labs | FortiGuard Center - IR Advisories fortiguard.fortinet.com

A use of password hash with insufficient computational effort vulnerability [CWE-916] affecting FortiOS and FortiProxy may allow a privileged attacker with super-admin profile and CLI access to decrypting the backup file.

access admin attacker backup cli computational cwe file fortios fortiproxy hash key may password privileged profile super vulnerability

Visit resource

More from fortiguard.fortinet.com / FortiGuard Labs | FortiGuard Center - IR Advisories

FortiOS/FortiProxy - XSS in reboot page 2 weeks, 1 day ago | fortiguard.fortinet.com
access admin attacker code +18
Stack buffer overflow on bluetooth write feature 2 weeks, 1 day ago | fortiguard.fortinet.com
arbitrary code arbitrary code execution attacker bluetooth +14
Blind SQL Injection 2 weeks, 1 day ago | fortiguard.fortinet.com
blind command cwe download +8
Buffer overflow in fgfmd 2 weeks, 1 day ago | fortiguard.fortinet.com
arbitrary code attacker buffer buffer overflow +15
FortiSOAR is vulnerable to sql injection in Event Auth API via uuid parameter 2 weeks, 1 day ago | fortiguard.fortinet.com
api attacker auth code +14
Multiple buffer overflows in diag npu command 2 weeks, 1 day ago | fortiguard.fortinet.com
attacker buffer buffer overflow buffer overflows +14
TunnelVision - CVE-2024-3661 2 weeks, 1 day ago | fortiguard.fortinet.com
attack attacker aware bypass +18
Weak key derivation for backup file 2 weeks, 1 day ago | fortiguard.fortinet.com
access admin attacker backup +14
Buffer overflow in administrative interface 1 month, 1 week ago | fortiguard.fortinet.com
arbitrary code attacker buffer buffer overflow +13

Jobs in InfoSec / Cybersecurity

Post a Job Search Talent

Information Technology Specialist I: Windows Engineer

@ Los Angeles County Employees Retirement Association (LACERA) | Pasadena, California
View on infosec-jobs.com

Information Technology Specialist I, LACERA: Information Security Engineer

@ Los Angeles County Employees Retirement Association (LACERA) | Pasadena, CA
View on infosec-jobs.com

Vice President, Controls Design & Development-7

@ State Street | Quincy, Massachusetts
View on infosec-jobs.com

Vice President, Controls Design & Development-5

@ State Street | Quincy, Massachusetts
View on infosec-jobs.com

Data Scientist & AI Prompt Engineer

@ Varonis | Israel
View on infosec-jobs.com

Contractor

@ Birlasoft | INDIA - MUMBAI - BIRLASOFT OFFICE, IN
View on infosec-jobs.com