CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2021-24012

An improper following of a certificate's chain of trust vulnerability in FortiGate versions 6.4.0 to 6.4.4 may allow an LDAP user to connect to SSLVPN with any certificate that is signed by a trusted Certificate Authority.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 21.5%

CVSS Severity

CVSS v3 Score 6.5

CVSS v2 Score 7.5

References

https://fortiguard.com/advisory/FG-IR-21-018
https://fortiguard.com/advisory/FG-IR-21-018

Products affected by CVE-2021-24012

Fortinet » Fortios » Version: 6.4.0

cpe:2.3:o:fortinet:fortios:6.4.0
Fortinet » Fortios » Version: 6.4.1

cpe:2.3:o:fortinet:fortios:6.4.1
Fortinet » Fortios » Version: 6.4.2

cpe:2.3:o:fortinet:fortios:6.4.2
Fortinet » Fortios » Version: 6.4.3

cpe:2.3:o:fortinet:fortios:6.4.3
Fortinet » Fortios » Version: 6.4.4

cpe:2.3:o:fortinet:fortios:6.4.4

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2021-24012

Products

Pricing

Contact Us