Vulnerabilities > CVE-2021-36171 - Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) vulnerability in Fortinet Fortiportal
Attack vector
NETWORK Attack complexity
HIGH Privileges required
NONE Confidentiality impact
HIGH Integrity impact
HIGH Availability impact
HIGH Summary
The use of a cryptographically weak pseudo-random number generator in the password reset feature of FortiPortal before 6.0.6 may allow a remote unauthenticated attacker to predict parts of or the whole newly generated password within a given time frame.