CVE-2021-26093

CWE-8244 documents4 sources
Severity
6.5MEDIUM
EPSS
0.1%
top 70.47%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Fortinet Fortiwlc
Timeline
PublishedDec 19

Description

An access of uninitialized pointer (CWE-824) vulnerability in FortiWLC versions 8.6.0, 8.5.3 and earlier may allow a local and authenticated attacker to crash the access point being managed by the controller by executing a crafted CLI command.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:HExploitability: 2.0 | Impact: 4.7

Affected Packages2 packages

NVDfortinet/fortiwlc8.0.68.6.3
CVEListV5fortinet/fortiwlc8.5.08.5.3+7

🔴Vulnerability Details

2
CVEList
CVE-2021-26093: An access of uninitialized pointer (CWE-824) vulnerability in FortiWLC versions 82024-12-19
GHSA
GHSA-mx92-m8m9-32fq: An access of uninitialized pointer (CWE-824) vulnerability in FortiWLC versions 82024-12-19

📋Vendor Advisories

1
Fortinet
An access of uninitialized pointer (CWE-824) vulnerability in FortiWLC versions 8.6.0, 8.5.3 and earlier may allow a loc...2024-12-19
CVE-2021-26093 (MEDIUM CVSS 6.5) | An access of uninitialized pointer | cvebase.io