ID

VAR-202109-0399


CVE

CVE-2021-24016


TITLE

Pillow Buffer error vulnerability

Trust: 0.6

sources: CNNVD: CNNVD-202104-975

DESCRIPTION

An improper neutralization of formula elements in a csv file in Fortinet FortiManager version 6.4.3 and below, 6.2.7 and below allows attacker to execute arbitrary commands via crafted IPv4 field in policy name, when exported as excel file and opened unsafely on the victim host. Pillow is a Python-based image processing library. There is currently no information about this vulnerability, please feel free to follow CNNVD or manufacturer announcements. Fortinet FortiManager is a centralized network security management platform developed by Fortinet. The platform supports centralized management of any number of Fortinet devices, and can group devices into different management domains (ADOMs) to further simplify multi-device security deployment and management. FortiManager has a security vulnerability that stems from improper authentication in FortiManager. An attacker could exploit this vulnerability to assign or unassign a global policy package to the flatui/json module via a POST request

Trust: 1.62

sources: NVD: CVE-2021-24016 // CNNVD: CNNVD-202104-975 // VULHUB: VHN-382734 // VULMON: CVE-2021-24016

AFFECTED PRODUCTS

vendor:fortinetmodel:fortimanagerscope:gteversion:6.4.0

Trust: 1.0

vendor:fortinetmodel:fortimanagerscope:ltversion:6.2.8

Trust: 1.0

vendor:fortinetmodel:fortimanagerscope:ltversion:6.4.4

Trust: 1.0

sources: NVD: CVE-2021-24016

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2021-24016
value: MEDIUM

Trust: 1.0

psirt@fortinet.com: CVE-2021-24016
value: LOW

Trust: 1.0

CNNVD: CNNVD-202104-975
value: MEDIUM

Trust: 0.6

CNNVD: CNNVD-202109-366
value: MEDIUM

Trust: 0.6

VULHUB: VHN-382734
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-2021-24016
severity: HIGH
baseScore: 9.3
vectorString: AV:N/AC:M/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 8.6
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.0

VULHUB: VHN-382734
severity: HIGH
baseScore: 9.3
vectorString: AV:N/AC:M/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 8.6
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2021-24016
baseSeverity: MEDIUM
baseScore: 6.3
vectorString: CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H
attackVector: LOCAL
attackComplexity: HIGH
privilegesRequired: HIGH
userInteraction: REQUIRED
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 0.3
impactScore: 5.9
version: 3.1

Trust: 1.0

psirt@fortinet.com: CVE-2021-24016
baseSeverity: LOW
baseScore: 3.7
vectorString: CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:C/C:L/I:L/A:N
attackVector: ADJACENT
attackComplexity: HIGH
privilegesRequired: HIGH
userInteraction: REQUIRED
scope: CHANGED
confidentialityImpact: LOW
integrityImpact: LOW
availabilityImpact: NONE
exploitabilityScore: 0.7
impactScore: 2.7
version: 3.1

Trust: 1.0

sources: VULHUB: VHN-382734 // CNNVD: CNNVD-202104-975 // CNNVD: CNNVD-202109-366 // NVD: CVE-2021-24016 // NVD: CVE-2021-24016

PROBLEMTYPE DATA

problemtype:CWE-1236

Trust: 1.0

sources: NVD: CVE-2021-24016

THREAT TYPE

local

Trust: 0.6

sources: CNNVD: CNNVD-202109-366

TYPE

other

Trust: 0.6

sources: CNNVD: CNNVD-202104-975

PATCH

title:Fortinet FortiManager Fixes for code injection vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=165669

Trust: 0.6

sources: CNNVD: CNNVD-202109-366

EXTERNAL IDS

db:NVDid:CVE-2021-24016

Trust: 1.8

db:CNNVDid:CNNVD-202109-366

Trust: 0.7

db:CS-HELPid:SB2021041363

Trust: 0.6

db:CNNVDid:CNNVD-202104-975

Trust: 0.6

db:AUSCERTid:ESB-2021.3003

Trust: 0.6

db:CS-HELPid:SB2021090809

Trust: 0.6

db:CNVDid:CNVD-2022-05868

Trust: 0.1

db:VULHUBid:VHN-382734

Trust: 0.1

db:VULMONid:CVE-2021-24016

Trust: 0.1

sources: VULHUB: VHN-382734 // VULMON: CVE-2021-24016 // CNNVD: CNNVD-202104-975 // CNNVD: CNNVD-202109-366 // NVD: CVE-2021-24016

REFERENCES

url:https://fortiguard.com/advisory/fg-ir-20-190

Trust: 1.8

url:https://www.cybersecurity-help.cz/vdb/sb2021041363

Trust: 0.6

url:https://nvd.nist.gov/vuln/detail/cve-2021-24016

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2021.3003

Trust: 0.6

url:https://vigilance.fr/vulnerability/fortimanager-code-execution-via-p-o-ipv4-policy-names-excel-formula-injection-36336

Trust: 0.6

url:https://www.cybersecurity-help.cz/vdb/sb2021090809

Trust: 0.6

url:https://nvd.nist.gov

Trust: 0.1

sources: VULHUB: VHN-382734 // VULMON: CVE-2021-24016 // CNNVD: CNNVD-202104-975 // CNNVD: CNNVD-202109-366 // NVD: CVE-2021-24016

SOURCES

db:VULHUBid:VHN-382734
db:VULMONid:CVE-2021-24016
db:CNNVDid:CNNVD-202104-975
db:CNNVDid:CNNVD-202109-366
db:NVDid:CVE-2021-24016

LAST UPDATE DATE

2024-08-14T12:08:37.175000+00:00


SOURCES UPDATE DATE

db:VULHUBid:VHN-382734date:2021-10-08T00:00:00
db:VULMONid:CVE-2021-24016date:2021-09-30T00:00:00
db:CNNVDid:CNNVD-202104-975date:2021-04-14T00:00:00
db:CNNVDid:CNNVD-202109-366date:2021-10-14T00:00:00
db:NVDid:CVE-2021-24016date:2021-10-08T03:22:19.737

SOURCES RELEASE DATE

db:VULHUBid:VHN-382734date:2021-09-30T00:00:00
db:VULMONid:CVE-2021-24016date:2021-09-30T00:00:00
db:CNNVDid:CNNVD-202104-975date:2021-04-13T00:00:00
db:CNNVDid:CNNVD-202109-366date:2021-09-08T00:00:00
db:NVDid:CVE-2021-24016date:2021-09-30T16:15:07.350