FortiSandbox - Improper password storage mechanism
A use of password hash with insufficient computational effort vulnerability [CWE-916] in FortiSandbox may allow an attacker with access to the password database to efficiently mount bulk guessing attacks to recover the passwords.
Affected ProductsFortiSandbox version 4.0.0 through 4.0.2
FortiSandbox version 3.2.0 through 3.2.3
Upgrade to FortiSandbox version 4.2.0 and above.