Vulnerabilities > CVE-2021-36171 - Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) vulnerability in Fortinet Fortiportal
Attack vector
NETWORK Attack complexity
MEDIUM Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
PARTIAL Summary
The use of a cryptographically weak pseudo-random number generator in the password reset feature of FortiPortal before 6.0.6 may allow a remote unauthenticated attacker to predict parts of or the whole newly generated password within a given time frame.