ID

VAR-202111-0306


CVE

CVE-2021-36186


TITLE

Out-of-bounds write vulnerability in Fortinet FortiWeb

Trust: 0.8

sources: JVNDB: JVNDB-2021-014534

DESCRIPTION

A stack-based buffer overflow in Fortinet FortiWeb version 6.4.0, versions 6.3.15 and below, and versions 6.2.5 and below allows an attacker to execute unauthorized code or commands via crafted HTTP requests. An out-of-bounds write vulnerability exists in Fortinet FortiWeb. Information may be obtained, information may be tampered with, and service operation may be interrupted (DoS). Fortinet FortiWeb is a web application firewall developed by Fortinet that blocks threats such as cross-site scripting, SQL injection, cookie poisoning and schema poisoning, to secure web applications and protect sensitive database content.

Trust: 1.8

sources: NVD: CVE-2021-36186 // JVNDB: JVNDB-2021-014534 // VULHUB: VHN-398002 // VULMON: CVE-2021-36186

AFFECTED PRODUCTS

vendor: fortinet, model: fortiweb, scope: lte, version: 6.2.5

Trust: 1.0

vendor: fortinet, model: fortiweb, scope: gte, version: 6.3.0

Trust: 1.0

vendor: fortinet, model: fortiweb, scope: eq, version: 6.4.0

Trust: 1.0

vendor: fortinet, model: fortiweb, scope: gte, version: 6.2.0

Trust: 1.0

vendor: fortinet, model: fortiweb, scope: lte, version: 6.3.15

Trust: 1.0

vendor: Fortinet, model: fortiweb, scope: eq, version: -

Trust: 0.8

vendor: Fortinet, model: fortiweb, scope: lte, version: 6.2.5 and earlier

Trust: 0.8

vendor: Fortinet, model: fortiweb, scope: eq, version: 6.4.0

Trust: 0.8

vendor: Fortinet, model: fortiweb, scope: lte, version: 6.3.15 and earlier

Trust: 0.8

sources: JVNDB: JVNDB-2021-014534 // NVD: CVE-2021-36186

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2021-36186
value: CRITICAL

Trust: 1.0

psirt@fortinet.com: CVE-2021-36186
value: HIGH

Trust: 1.0

NVD: CVE-2021-36186
value: CRITICAL

Trust: 0.8

CNNVD: CNNVD-202111-337
value: CRITICAL

Trust: 0.6

VULHUB: VHN-398002
value: HIGH

Trust: 0.1

VULMON: CVE-2021-36186
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-2021-36186
severity: HIGH
baseScore: 7.5
vectorString: AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.9

VULHUB: VHN-398002
severity: HIGH
baseScore: 7.5
vectorString: AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2021-36186
baseSeverity: CRITICAL
baseScore: 9.8
vectorString: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 3.9
impactScore: 5.9
version: 3.1

Trust: 1.0

psirt@fortinet.com: CVE-2021-36186
baseSeverity: HIGH
baseScore: 8.8
vectorString: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector: ADJACENT
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 2.8
impactScore: 5.9
version: 3.1

Trust: 1.0

NVD: CVE-2021-36186
baseSeverity: CRITICAL
baseScore: 9.8
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: VULHUB: VHN-398002 // VULMON: CVE-2021-36186 // JVNDB: JVNDB-2021-014534 // CNNVD: CNNVD-202111-337 // NVD: CVE-2021-36186

PROBLEMTYPE DATA

problemtype: CWE-787

Trust: 1.1

problemtype: Out-of-bounds write (CWE-787) [NVD evaluation]

Trust: 0.8

sources: VULHUB: VHN-398002 // JVNDB: JVNDB-2021-014534 // NVD: CVE-2021-36186

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-202111-337

TYPE

buffer error

Trust: 0.6

sources: CNNVD: CNNVD-202111-337

PATCH

title: FG-IR-21-119, url: https://www.fortiguard.com/psirt/FG-IR-21-119

Trust: 0.8

title: Fortinet FortiWeb buffer error vulnerability fix, url: http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=169638

Trust: 0.6

sources: JVNDB: JVNDB-2021-014534 // CNNVD: CNNVD-202111-337

EXTERNAL IDS

db: NVD, id: CVE-2021-36186

Trust: 3.4

db: JVNDB, id: JVNDB-2021-014534

Trust: 0.8

db: CNNVD, id: CNNVD-202111-337

Trust: 0.7

db: VULHUB, id: VHN-398002

Trust: 0.1

db: VULMON, id: CVE-2021-36186

Trust: 0.1

sources: VULHUB: VHN-398002 // VULMON: CVE-2021-36186 // JVNDB: JVNDB-2021-014534 // CNNVD: CNNVD-202111-337 // NVD: CVE-2021-36186

REFERENCES

url:https://fortiguard.com/advisory/fg-ir-21-119

Trust: 1.8

url:https://nvd.nist.gov/vuln/detail/cve-2021-36186

Trust: 1.4

url:https://cwe.mitre.org/data/definitions/787.html

Trust: 0.1

url:https://nvd.nist.gov

Trust: 0.1

sources: VULHUB: VHN-398002 // VULMON: CVE-2021-36186 // JVNDB: JVNDB-2021-014534 // CNNVD: CNNVD-202111-337 // NVD: CVE-2021-36186

SOURCES

db: VULHUB, id: VHN-398002
db: VULMON, id: CVE-2021-36186
db: JVNDB, id: JVNDB-2021-014534
db: CNNVD, id: CNNVD-202111-337
db: NVD, id: CVE-2021-36186

LAST UPDATE DATE

2024-08-14T15:42:42.720000+00:00


SOURCES UPDATE DATE

db: VULHUB, id: VHN-398002, date: 2021-11-04T00:00:00
db: VULMON, id: CVE-2021-36186, date: 2021-11-04T00:00:00
db: JVNDB, id: JVNDB-2021-014534, date: 2022-10-20T04:30:00
db: CNNVD, id: CNNVD-202111-337, date: 2021-11-12T00:00:00
db: NVD, id: CVE-2021-36186, date: 2021-11-04T14:34:34.847

SOURCES RELEASE DATE

db: VULHUB, id: VHN-398002, date: 2021-11-02T00:00:00
db: VULMON, id: CVE-2021-36186, date: 2021-11-02T00:00:00
db: JVNDB, id: JVNDB-2021-014534, date: 2022-10-20T00:00:00
db: CNNVD, id: CNNVD-202111-337, date: 2021-11-02T00:00:00
db: NVD, id: CVE-2021-36186, date: 2021-11-02T19:15:07.967