CVE-2021-41030

CWE-2944 documents4 sources

Severity

9.1CRITICAL

EPSS

0.2%

top 53.24%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Fortinet Forticlient Enterprise Management Server Fortinet Fortinet Forticlientems

Timeline

PublishedDec 8

Latest updateDec 9

Description

An authentication bypass by capture-replay vulnerability [CWE-294] in FortiClient EMS versions 7.0.1 and below and 6.4.4 and below may allow an unauthenticated attacker to impersonate an existing user by intercepting and re-using valid SAML authentication messages.

CVSS vector

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:NExploitability: 2.8 | Impact: 2.5

Affected Packages2 packages

▶NVDfortinet/forticlient_enterprise_management_server6.2.0 — 6.2.9+3

▶CVEListV5fortinet/fortinet_forticlientemsFortiClientEMS 7.0.1, 7.0.0, 6.4.4, 6.4.3, 6.4.2, 6.4.1, 6.4.0, 6.2.9, 6.2.8, 6.2.7, 6.2.6, 6.2.4, 6.2.3, 6.2.2, 6.2.1, 6.2.0

Patches

Patch: fortiguard.com ↗Patch: fortiguard.com ↗

🔴Vulnerability Details

GHSA

GHSA-g3q6-jxj3-44v3: An authentication bypass by capture-replay vulnerability [CWE-294] in FortiClient EMS versions 7↗2021-12-09

▶

CVEList

CVE-2021-41030: An authentication bypass by capture-replay vulnerability [CWE-294] in FortiClient EMS versions 7↗2021-12-08

▶

📋Vendor Advisories

Fortinet

An authentication bypass by capture-replay vulnerability [CWE-294] in FortiClient EMS versions 7.0.1 and below and 6.4.4...↗2021-12-08

▶