Exposures › CVE-2020-12812

CVE-2020-12812

Severity
critical · on CISA KEV actively exploited
Source
CISA-KEV · kev
Published
2021-11-03
Reference
⌖ exploited in the wild shame 80/100 ransomwareexploited-in-wild

Fortinet FortiOS SSL VPN contains an improper authentication vulnerability that may allow a user to login successfully without being prompted for the second factor of authentication (FortiToken) if they change the case in their username.

Players implicated

Description

Fortinet FortiOS SSL VPN contains an improper authentication vulnerability that may allow a user to login successfully without being prompted for the second factor of authentication (FortiToken) if they change the case in their username.

Affected FedRAMP products 0 in the catalog

No correlated FedRAMP products.