From 5cd22f7d414f46ed549e44edb60d5a841c43cbc3 Mon Sep 17 00:00:00 2001
From: Fortinet PSIRT Team
Date: Tue, 20 Jul 2021 11:39:09 +0200
Subject: [PATCH] Commit CVE-2021-26095
---
 2021/22xxx/CVE-2021-22125.json | 66 ++++++++++++++++++++++++++++++++--
 2021/24xxx/CVE-2021-24022.json | 66 ++++++++++++++++++++++++++++++++--
 2021/26xxx/CVE-2021-26095.json | 66 ++++++++++++++++++++++++++++++++--
 3 files changed, 189 insertions(+), 9 deletions(-)
diff --git a/2021/22xxx/CVE-2021-22125.json b/2021/22xxx/CVE-2021-22125.json
index a36b416405f..d5b56438738 100644
--- a/2021/22xxx/CVE-2021-22125.json
+++ b/2021/22xxx/CVE-2021-22125.json
@@ -4,14 +4,74 @@
 "data_version": "4.0",
 "CVE_data_meta": {
 "ID": "CVE-2021-22125",
- "ASSIGNER": "cve@mitre.org",
- "STATE": "RESERVED"
+ "ASSIGNER": "psirt@fortinet.com",
+ "STATE": "PUBLIC"
+ },
+ "affects": {
+ "vendor": {
+ "vendor_data": [
+ {
+ "vendor_name": "Fortinet",
+ "product": {
+ "product_data": [
+ {
+ "product_name": "Fortinet FortiSandbox",
+ "version": {
+ "version_data": [
+ {
+ "version_value": "FortiSandbox before 3.2.2"
+ }
+ ]
+ }
+ }
+ ]
+ }
+ }
+ ]
+ }
+ },
+ "impact": {
+ "cvss": {
+ "attackComplexity": "Low",
+ "attackVector": "Adjacent",
+ "availabilityImpact": "Low",
+ "baseScore": 6.2,
+ "baseSeverity": "Medium",
+ "confidentialityImpact": "None",
+ "integrityImpact": "High",
+ "privilegesRequired": "Low",
+ "scope": "Unchanged",
+ "userInteraction": "None",
+ "vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:L",
+ "version": "3.1"
+ }
+ },
+ "problemtype": {
+ "problemtype_data": [
+ {
+ "description": [
+ {
+ "lang": "eng",
+ "value": "Execute unauthorized code or commands"
+ }
+ ]
+ }
+ ]
+ },
+ "references": {
+ "reference_data": [
+ {
+ "refsource": "CONFIRM",
+ "name": "https://fortiguard.com/advisory/FG-IR-21-005",
+ "url": "https://fortiguard.com/advisory/FG-IR-21-005"
+ }
+ ]
 },
 "description": {
 "description_data": [
 {
 "lang": "eng",
- "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+ "value": "An instance of improper neutralization of special elements in the sniffer module of FortiSandbox before 3.2.2 may allow an authenticated administrator to execute commands on the underlying system's shell via altering the content of its configuration file."
 }
 ]
 }
diff --git a/2021/24xxx/CVE-2021-24022.json b/2021/24xxx/CVE-2021-24022.json
index dda9a3c2c6b..d2d2aa3793b 100644
--- a/2021/24xxx/CVE-2021-24022.json
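Review bot: The added `"baseScore": 6.2` does not agree with the added `"vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:L"`; by my reading of the v3.1 base equations that vector yields 6.3 (impact about 4.22, exploitability about 2.07), and the same score/vector disagreement is in the CVE-2021-24022 hunk (6.1 recorded, the vector evaluates to 6.7) and the CVE-2021-26095 hunk (6.9 recorded, the vector evaluates to 7.5). Consumers such as NVD and scanner feeds generally recompute severity from the vector, so one of the two fields will be silently overridden downstream; either baseScore or vectorString should be corrected in each of the three records, or, if the lower figures are a deliberate vendor adjustment, that should be recorded outside the base-score fields. Separately, the new description says the attacker is an "authenticated administrator" while the vector carries `PR:L`; an administrator role normally maps to `PR:H`, so please confirm which is intended.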
+++ b/2021/24xxx/CVE-2021-24022.json 
@@ -4,14 +4,74 @@
 "data_version": "4.0",
 "CVE_data_meta": {
 "ID": "CVE-2021-24022",
- "ASSIGNER": "cve@mitre.org",
- "STATE": "RESERVED"
+ "ASSIGNER": "psirt@fortinet.com",
+ "STATE": "PUBLIC"
+ },
+ "affects": {
+ "vendor": {
+ "vendor_data": [
+ {
+ "vendor_name": "Fortinet",
+ "product": {
+ "product_data": [
+ {
+ "product_name": "Fortinet FortiAnalyzer, FortiManager",
+ "version": {
+ "version_data": [
+ {
+ "version_value": "FortiAnalyzer 6.4.5 and below, 6.2.7 and below, 6.0.x; FortiManager 6.4.5 and below, 6.2.7 and below, 6.0.x"
+ }
+ ]
+ }
+ }
+ ]
+ }
+ }
+ ]
+ }
+ },
+ "impact": {
+ "cvss": {
+ "attackComplexity": "Low",
+ "attackVector": "Local",
+ "availabilityImpact": "High",
+ "baseScore": 6.1,
+ "baseSeverity": "Medium",
+ "confidentialityImpact": "High",
+ "integrityImpact": "High",
+ "privilegesRequired": "High",
+ "scope": "Unchanged",
+ "userInteraction": "None",
+ "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
+ "version": "3.1"
+ }
+ },
+ "problemtype": {
+ "problemtype_data": [
+ {
+ "description": [
+ {
+ "lang": "eng",
+ "value": "denial of service, Remote Code Execution"
+ }
+ ]
+ }
+ ]
+ },
+ "references": {
+ "reference_data": [
+ {
+ "refsource": "CONFIRM",
+ "name": "https://fortiguard.com/advisory/FG-IR-20-194",
+ "url": "https://fortiguard.com/advisory/FG-IR-20-194"
+ }
+ ]
 },
 "description": {
 "description_data": [
 {
 "lang": "eng",
- "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+ "value": "A buffer overflow vulnerability in FortiAnalyzer CLI 6.4.5 and below, 6.2.7 and below, 6.0.x and FortiManager CLI 6.4.5 and below, 6.2.7 and below, 6.0.x may allow an authenticated, local attacker to perform a Denial of Service attack by running the `diagnose system geoip-city` command with a large ip value."
 }
 ]
 }
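Review bot: The added problemtype `"value": "denial of service, Remote Code Execution"` is not supported by the rest of the record: the new description states only that an authenticated local attacker can cause a Denial of Service, and the vector carries `AV:L`, so "Remote" contradicts both. If code execution is a real consequence of the buffer overflow it should be stated in the description (which would also justify the `C:H/I:H` components of the vector); otherwise the problemtype should be narrowed to something like `"value": "Buffer overflow, denial of service"`. The mixed capitalisation within the one value also differs from the other two records in this commit, which each use a single sentence-case phrase.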
diff --git a/2021/26xxx/CVE-2021-26095.json b/2021/26xxx/CVE-2021-26095.json
index b583cd14389..add839e51e0 100644
--- a/2021/26xxx/CVE-2021-26095.json
+++ b/2021/26xxx/CVE-2021-26095.json
@@ -4,14 +4,74 @@
 "data_version": "4.0",
 "CVE_data_meta": {
 "ID": "CVE-2021-26095",
- "ASSIGNER": "cve@mitre.org",
- "STATE": "RESERVED"
+ "ASSIGNER": "psirt@fortinet.com",
+ "STATE": "PUBLIC"
+ },
+ "affects": {
+ "vendor": {
+ "vendor_data": [
+ {
+ "vendor_name": "Fortinet",
+ "product": {
+ "product_data": [
+ {
+ "product_name": "Fortinet FortiMail",
+ "version": {
+ "version_data": [
+ {
+ "version_value": "FortiMail 6.4.0 through 6.4.4 and 6.2.0 through 6.2.6"
+ }
+ ]
+ }
+ }
+ ]
+ }
+ }
+ ]
+ }
+ },
+ "impact": {
+ "cvss": {
+ "attackComplexity": "High",
+ "attackVector": "Network",
+ "availabilityImpact": "High",
+ "baseScore": 6.9,
+ "baseSeverity": "Medium",
+ "confidentialityImpact": "High",
+ "integrityImpact": "High",
+ "privilegesRequired": "Low",
+ "scope": "Unchanged",
+ "userInteraction": "None",
+ "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
+ "version": "3.1"
+ }
+ },
+ "problemtype": {
+ "problemtype_data": [
+ {
+ "description": [
+ {
+ "lang": "eng",
+ "value": "Improper Access Control"
+ }
+ ]
+ }
+ ]
+ },
+ "references": {
+ "reference_data": [
+ {
+ "refsource": "CONFIRM",
+ "name": "https://fortiguard.com/advisory/FG-IR-21-019",
+ "url": "https://fortiguard.com/advisory/FG-IR-21-019"
+ }
+ ]
 },
 "description": {
 "description_data": [
 {
 "lang": "eng",
- "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+ "value": "The combination of various cryptographic issues in the session management of FortiMail 6.4.0 through 6.4.4 and 6.2.0 through 6.2.6, including\u00a0the encryption construction of the session\u00a0cookie,\u00a0may allow a remote attacker already in possession of a cookie to possibly reveal and alter or forge its content, thereby escalating privileges."
 }
 ]
 }
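Review bot: The added description value contains three U+00A0 non-breaking spaces (`including\u00a0the`, `session\u00a0cookie,\u00a0may`), which look like a paste from a rich-text editor; they are invisible when rendered but break word boundaries for search and indexing and will be copied verbatim into every downstream feed that ingests this record. Replace them with ordinary ASCII spaces so the value reads `including the encryption construction of the session cookie, may allow`. The problemtype `"value": "Improper Access Control"` also sits oddly against a description that is entirely about cryptographic weaknesses in the session-cookie construction; a cryptographic-weakness classification seems the better fit, though that is a judgement for the assigner.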