Details of VAR-202109-0399

ID

VAR-202109-0399

CVE

CVE-2021-24016

TITLE

Pillow Buffer error vulnerability

Trust: 0.6

sources: CNNVD: CNNVD-202104-975

DESCRIPTION

An improper neutralization of formula elements in a csv file in Fortinet FortiManager version 6.4.3 and below, 6.2.7 and below allows attacker to execute arbitrary commands via crafted IPv4 field in policy name, when exported as excel file and opened unsafely on the victim host. Pillow is a Python-based image processing library. There is currently no information about this vulnerability, please feel free to follow CNNVD or manufacturer announcements. Fortinet FortiManager is a centralized network security management platform developed by Fortinet. The platform supports centralized management of any number of Fortinet devices, and can group devices into different management domains (ADOMs) to further simplify multi-device security deployment and management. FortiManager has a security vulnerability that stems from improper authentication in FortiManager. An attacker could exploit this vulnerability to assign or unassign a global policy package to the flatui/json module via a POST request

Trust: 1.62

sources: NVD: CVE-2021-24016 // CNNVD: CNNVD-202104-975 // VULHUB: VHN-382734 // VULMON: CVE-2021-24016

AFFECTED PRODUCTS

vendor:	fortinet	model:	fortimanager	scope:	gte	version:	6.4.0	Trust: 1.0
vendor:	fortinet	model:	fortimanager	scope:	lt	version:	6.2.8	Trust: 1.0
vendor:	fortinet	model:	fortimanager	scope:	lt	version:	6.4.4	Trust: 1.0

sources: NVD: CVE-2021-24016

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2021-24016
value:	MEDIUM
Trust: 1.0
psirt@fortinet.com:	CVE-2021-24016
value:	LOW
Trust: 1.0
CNNVD:	CNNVD-202104-975
value:	MEDIUM
Trust: 0.6
CNNVD:	CNNVD-202109-366
value:	MEDIUM
Trust: 0.6
VULHUB:	VHN-382734
value:	HIGH
Trust: 0.1

nvd@nist.gov:	CVE-2021-24016
severity:	HIGH
baseScore:	9.3
vectorString:	AV:N/AC:M/AU:N/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	8.6
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.0
VULHUB:	VHN-382734
severity:	HIGH
baseScore:	9.3
vectorString:	AV:N/AC:M/AU:N/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	8.6
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

nvd@nist.gov:	CVE-2021-24016
baseSeverity:	MEDIUM
baseScore:	6.3
vectorString:	CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H
attackVector:	LOCAL
attackComplexity:	HIGH
privilegesRequired:	HIGH
userInteraction:	REQUIRED
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	0.3
impactScore:	5.9
version:	3.1
Trust: 1.0
psirt@fortinet.com:	CVE-2021-24016
baseSeverity:	LOW
baseScore:	3.7
vectorString:	CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:C/C:L/I:L/A:N
attackVector:	ADJACENT
attackComplexity:	HIGH
privilegesRequired:	HIGH
userInteraction:	REQUIRED
scope:	CHANGED
confidentialityImpact:	LOW
integrityImpact:	LOW
availabilityImpact:	NONE
exploitabilityScore:	0.7
impactScore:	2.7
version:	3.1
Trust: 1.0

sources: VULHUB: VHN-382734 // CNNVD: CNNVD-202104-975 // CNNVD: CNNVD-202109-366 // NVD: CVE-2021-24016 // NVD: CVE-2021-24016

PROBLEMTYPE DATA

problemtype:

CWE-1236

Trust: 1.0

sources: NVD: CVE-2021-24016

THREAT TYPE

local

Trust: 0.6

sources: CNNVD: CNNVD-202109-366

TYPE

other

Trust: 0.6

sources: CNNVD: CNNVD-202104-975

PATCH

title:

Fortinet FortiManager Fixes for code injection vulnerabilities

url:

http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=165669

Trust: 0.6

sources: CNNVD: CNNVD-202109-366

EXTERNAL IDS

db:	NVD	id:	CVE-2021-24016	Trust: 1.8
db:	CNNVD	id:	CNNVD-202109-366	Trust: 0.7
db:	CS-HELP	id:	SB2021041363	Trust: 0.6
db:	CNNVD	id:	CNNVD-202104-975	Trust: 0.6
db:	AUSCERT	id:	ESB-2021.3003	Trust: 0.6
db:	CS-HELP	id:	SB2021090809	Trust: 0.6
db:	CNVD	id:	CNVD-2022-05868	Trust: 0.1
db:	VULHUB	id:	VHN-382734	Trust: 0.1
db:	VULMON	id:	CVE-2021-24016	Trust: 0.1

sources: VULHUB: VHN-382734 // VULMON: CVE-2021-24016 // CNNVD: CNNVD-202104-975 // CNNVD: CNNVD-202109-366 // NVD: CVE-2021-24016

REFERENCES

url:	https://fortiguard.com/advisory/fg-ir-20-190	Trust: 1.8
url:	https://www.cybersecurity-help.cz/vdb/sb2021041363	Trust: 0.6
url:	https://nvd.nist.gov/vuln/detail/cve-2021-24016	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2021.3003	Trust: 0.6
url:	https://vigilance.fr/vulnerability/fortimanager-code-execution-via-p-o-ipv4-policy-names-excel-formula-injection-36336	Trust: 0.6
url:	https://www.cybersecurity-help.cz/vdb/sb2021090809	Trust: 0.6
url:	https://nvd.nist.gov	Trust: 0.1

sources: VULHUB: VHN-382734 // VULMON: CVE-2021-24016 // CNNVD: CNNVD-202104-975 // CNNVD: CNNVD-202109-366 // NVD: CVE-2021-24016

SOURCES

db:	VULHUB	id:	VHN-382734
db:	VULMON	id:	CVE-2021-24016
db:	CNNVD	id:	CNNVD-202104-975
db:	CNNVD	id:	CNNVD-202109-366
db:	NVD	id:	CVE-2021-24016

LAST UPDATE DATE

2024-08-14T12:08:37.175000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-382734	date:	2021-10-08T00:00:00
db:	VULMON	id:	CVE-2021-24016	date:	2021-09-30T00:00:00
db:	CNNVD	id:	CNNVD-202104-975	date:	2021-04-14T00:00:00
db:	CNNVD	id:	CNNVD-202109-366	date:	2021-10-14T00:00:00
db:	NVD	id:	CVE-2021-24016	date:	2021-10-08T03:22:19.737

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-382734	date:	2021-09-30T00:00:00
db:	VULMON	id:	CVE-2021-24016	date:	2021-09-30T00:00:00
db:	CNNVD	id:	CNNVD-202104-975	date:	2021-04-13T00:00:00
db:	CNNVD	id:	CNNVD-202109-366	date:	2021-09-08T00:00:00
db:	NVD	id:	CVE-2021-24016	date:	2021-09-30T16:15:07.350