Details of VAR-202106-0667

ID

VAR-202106-0667

CVE

CVE-2021-22123

TITLE

FortiWeb management interface In OS Command injection vulnerability

Trust: 0.8

sources: JVNDB: JVNDB-2021-007587

DESCRIPTION

An OS command injection vulnerability in FortiWeb's management interface 6.3.7 and below, 6.2.3 and below, 6.1.x, 6.0.x, 5.9.x may allow a remote authenticated attacker to execute arbitrary commands on the system via the SAML server configuration page. Pillow is a Python-based image processing library. There is currently no information about this vulnerability, please feel free to follow CNNVD or manufacturer announcements. Fortinet FortiWeb is a web application layer firewall developed by Fortinet, which can block threats such as cross-site scripting, SQL injection, cookie poisoning, schema poisoning, etc., to ensure the security of web applications and protect sensitive database content. Fortinet FortiWeb has an operating system command injection vulnerability. The following products and versions are affected: FortiWeb: Version 6.3.7 and earlier, Version 6.2.3 and earlier, 6.1.x, 6.0.x, 5.9.x

Trust: 2.34

sources: NVD: CVE-2021-22123 // JVNDB: JVNDB-2021-007587 // CNNVD: CNNVD-202104-975 // VULHUB: VHN-380532 // VULMON: CVE-2021-22123

AFFECTED PRODUCTS

vendor:	fortinet	model:	fortiweb	scope:	lt	version:	6.2.4	Trust: 1.0
vendor:	fortinet	model:	fortiweb	scope:	gte	version:	6.3.0	Trust: 1.0
vendor:	fortinet	model:	fortiweb	scope:	gte	version:	5.9.0	Trust: 1.0
vendor:	fortinet	model:	fortiweb	scope:	lt	version:	6.3.8	Trust: 1.0
vendor:	フォーティネット	model:	fortiweb	scope:	lte	version:	6.2.3 and earlier	Trust: 0.8
vendor:	フォーティネット	model:	fortiweb	scope:	lte	version:	6.3.7 and earlier	Trust: 0.8
vendor:	フォーティネット	model:	fortiweb	scope:	eq	version:	5.9.x	Trust: 0.8
vendor:	フォーティネット	model:	fortiweb	scope:	eq	version:	6.1.x	Trust: 0.8
vendor:	フォーティネット	model:	fortiweb	scope:	eq	version:	6.0.x	Trust: 0.8
vendor:	フォーティネット	model:	fortiweb	scope:	eq	version:	-	Trust: 0.8

sources: JVNDB: JVNDB-2021-007587 // NVD: CVE-2021-22123

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2021-22123
value:	HIGH
Trust: 1.0
psirt@fortinet.com:	CVE-2021-22123
value:	HIGH
Trust: 1.0
NVD:	CVE-2021-22123
value:	HIGH
Trust: 0.8
CNNVD:	CNNVD-202104-975
value:	MEDIUM
Trust: 0.6
CNNVD:	CNNVD-202106-013
value:	HIGH
Trust: 0.6
VULHUB:	VHN-380532
value:	HIGH
Trust: 0.1
VULMON:	CVE-2021-22123
value:	HIGH
Trust: 0.1

nvd@nist.gov:	CVE-2021-22123
severity:	HIGH
baseScore:	9.0
vectorString:	AV:N/AC:L/AU:S/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	SINGLE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	8.0
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.9
VULHUB:	VHN-380532
severity:	HIGH
baseScore:	9.0
vectorString:	AV:N/AC:L/AU:S/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	SINGLE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	8.0
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

nvd@nist.gov:	CVE-2021-22123
baseSeverity:	HIGH
baseScore:	8.8
vectorString:	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	LOW
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	2.8
impactScore:	5.9
version:	3.1
Trust: 1.0
psirt@fortinet.com:	CVE-2021-22123
baseSeverity:	HIGH
baseScore:	7.6
vectorString:	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	LOW
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	LOW
integrityImpact:	LOW
availabilityImpact:	HIGH
exploitabilityScore:	2.8
impactScore:	4.7
version:	3.1
Trust: 1.0
NVD:	CVE-2021-22123
baseSeverity:	HIGH
baseScore:	8.8
vectorString:	CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	LOW
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8

sources: VULHUB: VHN-380532 // VULMON: CVE-2021-22123 // JVNDB: JVNDB-2021-007587 // CNNVD: CNNVD-202104-975 // CNNVD: CNNVD-202106-013 // NVD: CVE-2021-22123 // NVD: CVE-2021-22123

PROBLEMTYPE DATA

problemtype:	CWE-78	Trust: 1.1
problemtype:	OS Command injection (CWE-78) [NVD Evaluation ]	Trust: 0.8

sources: VULHUB: VHN-380532 // JVNDB: JVNDB-2021-007587 // NVD: CVE-2021-22123

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-202106-013

TYPE

other

Trust: 0.6

sources: CNNVD: CNNVD-202104-975

PATCH

title:	FG-IR-20-120	url:	https://fortiguard.com/advisory/FG-IR-20-120	Trust: 0.8
title:	Fortinet FortiWeb Fixes for operating system command injection vulnerabilities	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=152459	Trust: 0.6
title:	CVE-2021-22123	url:	https://github.com/murataydemir/CVE-2021-22123	Trust: 0.1

sources: VULMON: CVE-2021-22123 // JVNDB: JVNDB-2021-007587 // CNNVD: CNNVD-202106-013

EXTERNAL IDS

db:	NVD	id:	CVE-2021-22123	Trust: 3.4
db:	JVNDB	id:	JVNDB-2021-007587	Trust: 0.8
db:	CS-HELP	id:	SB2021041363	Trust: 0.6
db:	CNNVD	id:	CNNVD-202104-975	Trust: 0.6
db:	AUSCERT	id:	ESB-2021.2817	Trust: 0.6
db:	AUSCERT	id:	ESB-2021.1892	Trust: 0.6
db:	CS-HELP	id:	SB2021081913	Trust: 0.6
db:	CS-HELP	id:	SB2021060119	Trust: 0.6
db:	CNNVD	id:	CNNVD-202106-013	Trust: 0.6
db:	SEEBUG	id:	SSVID-99335	Trust: 0.1
db:	VULHUB	id:	VHN-380532	Trust: 0.1
db:	VULMON	id:	CVE-2021-22123	Trust: 0.1

sources: VULHUB: VHN-380532 // VULMON: CVE-2021-22123 // JVNDB: JVNDB-2021-007587 // CNNVD: CNNVD-202104-975 // CNNVD: CNNVD-202106-013 // NVD: CVE-2021-22123

REFERENCES

url:	https://fortiguard.com/advisory/fg-ir-20-120	Trust: 1.8
url:	https://nvd.nist.gov/vuln/detail/cve-2021-22123	Trust: 0.8
url:	https://www.cybersecurity-help.cz/vdb/sb2021041363	Trust: 0.6
url:	https://www.cybersecurity-help.cz/vdb/sb2021081913	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2021.2817	Trust: 0.6
url:	https://www.cybersecurity-help.cz/vdb/sb2021060119	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2021.1892	Trust: 0.6
url:	https://cwe.mitre.org/data/definitions/78.html	Trust: 0.1
url:	https://github.com/murataydemir/cve-2021-22123	Trust: 0.1
url:	https://nvd.nist.gov	Trust: 0.1

sources: VULHUB: VHN-380532 // VULMON: CVE-2021-22123 // JVNDB: JVNDB-2021-007587 // CNNVD: CNNVD-202104-975 // CNNVD: CNNVD-202106-013 // NVD: CVE-2021-22123

SOURCES

db:	VULHUB	id:	VHN-380532
db:	VULMON	id:	CVE-2021-22123
db:	JVNDB	id:	JVNDB-2021-007587
db:	CNNVD	id:	CNNVD-202104-975
db:	CNNVD	id:	CNNVD-202106-013
db:	NVD	id:	CVE-2021-22123

LAST UPDATE DATE

2024-08-14T13:06:18.876000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-380532	date:	2021-06-10T00:00:00
db:	VULMON	id:	CVE-2021-22123	date:	2021-06-10T00:00:00
db:	JVNDB	id:	JVNDB-2021-007587	date:	2022-02-17T06:42:00
db:	CNNVD	id:	CNNVD-202104-975	date:	2021-04-14T00:00:00
db:	CNNVD	id:	CNNVD-202106-013	date:	2021-08-20T00:00:00
db:	NVD	id:	CVE-2021-22123	date:	2021-06-10T19:36:03.907

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-380532	date:	2021-06-01T00:00:00
db:	VULMON	id:	CVE-2021-22123	date:	2021-06-01T00:00:00
db:	JVNDB	id:	JVNDB-2021-007587	date:	2022-02-17T00:00:00
db:	CNNVD	id:	CNNVD-202104-975	date:	2021-04-13T00:00:00
db:	CNNVD	id:	CNNVD-202106-013	date:	2021-06-01T00:00:00
db:	NVD	id:	CVE-2021-22123	date:	2021-06-01T20:15:08.297