admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-28 17:21:36 +00:00
Code Issues Packages Projects Releases Wiki Activity
nvd-json-data-feeds/CVE-2021/CVE-2021-221xx/CVE-2021-22131.json
René Helmke 7791f18b51 bootstrap
2023-05-16 16:09:41 +02:00

245 lines
9.4 KiB
JSON
Raw Blame History

{
"id": "CVE-2021-22131",
"sourceIdentifier": "psirt@fortinet.com",
"published": "2022-07-18T18:15:08.620",
"lastModified": "2022-07-25T15:12:27.933",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "A improper validation of certificate with host mismatch in Fortinet FortiTokenAndroid version 5.0.3 and below, Fortinet FortiTokeniOS version 5.2.0 and below, Fortinet FortiTokenWinApp version 4.0.3 and below allows attacker to retrieve information disclosed via man-in-the-middle attacks."
},
{
"lang": "es",
"value": "Una comprobaci\u00f3n incorrecta del certificado con desajuste de host en Fortinet FortiTokenAndroid versi\u00f3n 5.0.3 y posteriores, Fortinet FortiTokeniOS versi\u00f3n 5.2.0 y posteriores, Fortinet FortiTokenWinApp versi\u00f3n 4.0.3 y posteriores permite a un atacante recuperar informaci\u00f3n divulgada por medio de ataques de tipo man-in-the-middle"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:R/S:U/C:H/I:L/A:N",
"attackVector": "ADJACENT_NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.2,
"impactScore": 4.2
},
{
"source": "psirt@fortinet.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:H",
"attackVector": "ADJACENT_NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 6.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.2,
"impactScore": 5.2
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-295"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:fortinet:fortitoken_mobile:0.4.10:*:*:*:*:android:*:*",
"matchCriteriaId": "78409CFC-A286-4BC2-A6CC-3AA0713B5B95"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:fortinet:fortitoken_mobile:0.4.20:*:*:*:*:android:*:*",
"matchCriteriaId": "8607115D-DF4D-4FF8-892E-5F249E8DBD49"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:fortinet:fortitoken_mobile:3.0.0:*:*:*:*:android:*:*",
"matchCriteriaId": "B9C01846-DEC3-4D82-9CF8-7A7F30E3D24E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:fortinet:fortitoken_mobile:3.0.0:*:*:*:*:windows:*:*",
"matchCriteriaId": "6BE8D5E7-54A6-41F8-AEE5-4B5494F526E5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:fortinet:fortitoken_mobile:3.0.1:*:*:*:*:android:*:*",
"matchCriteriaId": "78A9D2E4-C44A-4E2D-8653-34125C60D36D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:fortinet:fortitoken_mobile:3.0.1:*:*:*:*:ios:*:*",
"matchCriteriaId": "646EA1B7-DC75-48C9-9253-4C2A73EBAB4D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:fortinet:fortitoken_mobile:3.0.1:*:*:*:*:windows:*:*",
"matchCriteriaId": "EFBCBD58-7F9F-4972-B283-843A341BF3D3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:fortinet:fortitoken_mobile:3.0.2:*:*:*:*:android:*:*",
"matchCriteriaId": "745A6368-1A53-4CE7-9FC0-D7691841A5A8"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:fortinet:fortitoken_mobile:3.0.2:*:*:*:*:ios:*:*",
"matchCriteriaId": "66F1224F-B105-421E-B8A4-1ADB4E6D6C97"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:fortinet:fortitoken_mobile:3.0.3:*:*:*:*:android:*:*",
"matchCriteriaId": "4F8B1290-410C-4DF8-8F32-D7606D6ED70C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:fortinet:fortitoken_mobile:3.0.3:*:*:*:*:ios:*:*",
"matchCriteriaId": "F12596B9-1FD1-4DEE-B914-3BE4AB0D4954"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:fortinet:fortitoken_mobile:3.0.4:*:*:*:*:android:*:*",
"matchCriteriaId": "A91D1B9C-1E80-4F1F-9C87-B2F8BBC238CC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:fortinet:fortitoken_mobile:3.0.4:*:*:*:*:ios:*:*",
"matchCriteriaId": "DB309927-9668-485A-B103-4B49B158F9FF"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:fortinet:fortitoken_mobile:3.0.5:*:*:*:*:ios:*:*",
"matchCriteriaId": "E6C89656-4142-459C-A7D0-1AD56D8912DB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:fortinet:fortitoken_mobile:4.0.0:*:*:*:*:android:*:*",
"matchCriteriaId": "3955B1D6-2A19-4233-B4D9-8B4164953FC5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:fortinet:fortitoken_mobile:4.0.1:*:*:*:*:android:*:*",
"matchCriteriaId": "C73200A0-7927-4BB7-BFC3-F3096A36C885"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:fortinet:fortitoken_mobile:4.0.3:*:*:*:*:windows:*:*",
"matchCriteriaId": "64352CBC-EE83-41E0-AA38-63F1BE9C6BFC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:fortinet:fortitoken_mobile:4.1.0:*:*:*:*:ios:*:*",
"matchCriteriaId": "359238E3-41BD-4CF1-8DBE-D870AC8B957C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:fortinet:fortitoken_mobile:4.1.1:*:*:*:*:android:*:*",
"matchCriteriaId": "13450557-F714-440B-ACE4-16CB73FE0671"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:fortinet:fortitoken_mobile:4.1.1:*:*:*:*:ios:*:*",
"matchCriteriaId": "0FBE4948-CC88-48EA-AA98-7FFA6CB64620"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:fortinet:fortitoken_mobile:4.2.0:*:*:*:*:ios:*:*",
"matchCriteriaId": "081B181E-C83F-43B1-B403-66F39E9F19B9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:fortinet:fortitoken_mobile:4.2.1:*:*:*:*:android:*:*",
"matchCriteriaId": "9136197A-B12B-4CAF-9E29-4C5FE449CA4E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:fortinet:fortitoken_mobile:4.2.2:*:*:*:*:android:*:*",
"matchCriteriaId": "4C141581-C3A0-40AD-9653-09A807DAD6CA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:fortinet:fortitoken_mobile:4.3.0:*:*:*:*:android:*:*",
"matchCriteriaId": "F15B4E41-3064-4EC5-8E7B-28E3C1F0C2D0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:fortinet:fortitoken_mobile:4.3.0:*:*:*:*:ios:*:*",
"matchCriteriaId": "0A1901AC-78BB-488A-85E0-DF7596018CAA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:fortinet:fortitoken_mobile:4.4.0:*:*:*:*:android:*:*",
"matchCriteriaId": "469E9D0A-A62D-4827-9CCC-273E8DBDF803"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:fortinet:fortitoken_mobile:4.5.0:*:*:*:*:android:*:*",
"matchCriteriaId": "94A1FD51-E7EB-46B0-876F-FC4DBCD9F067"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:fortinet:fortitoken_mobile:5.0.2:*:*:*:*:android:*:*",
"matchCriteriaId": "C7D9D6C0-3BEE-4AA7-89F0-3F403BE9899F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:fortinet:fortitoken_mobile:5.0.3:*:*:*:*:android:*:*",
"matchCriteriaId": "D5AD4616-8E63-4454-B443-F25226796FDA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:fortinet:fortitoken_mobile:5.2.0:*:*:*:*:ios:*:*",
"matchCriteriaId": "B395A92E-6FE3-42E1-97F3-3FB6FB1C2AF9"
}
]
}
]
}
],
"references": [
{
"url": "https://fortiguard.com/advisory/FG-IR-21-024",
"source": "psirt@fortinet.com",
"tags": [
"Patch",
"Vendor Advisory"
]
}
]
}
Reference in New Issue View Git Blame Copy Permalink