Exposures › CVE-2020-12812
CVE-2020-12812
Severity
critical · on CISA KEV actively exploited
Source
CISA-KEV · kev
Published
2021-11-03
Reference
⌖ exploited in the wild
shame 80/100
ransomwareexploited-in-wild
Fortinet FortiOS SSL VPN contains an improper authentication vulnerability that may allow a user to login successfully without being prompted for the second factor of authentication (FortiToken) if they change the case in their username.
Players implicated
Description
Fortinet FortiOS SSL VPN contains an improper authentication vulnerability that may allow a user to login successfully without being prompted for the second factor of authentication (FortiToken) if they change the case in their username.
Affected FedRAMP products 0 in the catalog
No correlated FedRAMP products.