A improper validation of certificate with host mismatch in Fortinet FortiTokenAndroid version 5.0.3 and below, Fortinet FortiTokeniOS version 5.2.0 and below, Fortinet FortiTokenWinApp version 4.0.3 and below allows attacker to retrieve information disclosed via man-in-the-middle attacks.
References
Link | Resource |
---|---|
https://fortiguard.com/advisory/FG-IR-21-024 | Patch Vendor Advisory |
Configurations
Configuration 1 (hide)
|
History
No history.
Information
Published : 2022-07-18 18:15
Updated : 2024-02-28 19:29
NVD link : CVE-2021-22131
Mitre link : CVE-2021-22131
CVE.ORG link : CVE-2021-22131
JSON object : View
Products Affected
fortinet
- fortitoken_mobile
CWE
CWE-295
Improper Certificate Validation