FortiDDoS – Use of hardcoded key for the JWT token
Discription
A use of hard-coded cryptographic key vulnerability [CWE-321] in FortiDDoS API may allow an attacker who managed to retrieve the key from one device to sign JWT tokens for any device.Read More
References
Back to Main