Details of VAR-202112-0338

ID

VAR-202112-0338

CVE

CVE-2021-42757

TITLE

FortiOS of TFTP client library and FortiOS Classic buffer overflow vulnerability in

Trust: 0.8

sources: JVNDB: JVNDB-2021-016008

DESCRIPTION

A buffer overflow [CWE-121] in the TFTP client library of FortiOS before 6.4.7 and FortiOS 7.0.0 through 7.0.2, may allow an authenticated local attacker to achieve arbitrary code execution via specially crafted command line arguments. (DoS) It may be in a state

Trust: 1.71

sources: NVD: CVE-2021-42757 // JVNDB: JVNDB-2021-016008 // VULHUB: VHN-403819

AFFECTED PRODUCTS

vendor:	fortinet	model:	fortiweb	scope:	eq	version:	6.4.1	Trust: 1.0
vendor:	fortinet	model:	fortimail	scope:	lte	version:	7.0.2	Trust: 1.0
vendor:	fortinet	model:	fortiproxy	scope:	gte	version:	1.0.0	Trust: 1.0
vendor:	fortinet	model:	fortimanager	scope:	lte	version:	6.4.7	Trust: 1.0
vendor:	fortinet	model:	fortindr	scope:	gte	version:	1.1.0	Trust: 1.0
vendor:	fortinet	model:	fortimail	scope:	gte	version:	5.4.0	Trust: 1.0
vendor:	fortinet	model:	fortiswitch	scope:	lte	version:	6.4.9	Trust: 1.0
vendor:	fortinet	model:	fortios	scope:	lte	version:	6.0.13	Trust: 1.0
vendor:	fortinet	model:	fortirecorder	scope:	gte	version:	6.4.0	Trust: 1.0
vendor:	fortinet	model:	fortios	scope:	gte	version:	7.0.0	Trust: 1.0
vendor:	fortinet	model:	fortianalyzer	scope:	lte	version:	6.4.7	Trust: 1.0
vendor:	fortinet	model:	fortiproxy	scope:	lte	version:	2.0.7	Trust: 1.0
vendor:	fortinet	model:	fortimanager	scope:	lte	version:	7.0.2	Trust: 1.0
vendor:	fortinet	model:	fortios-6k7k	scope:	eq	version:	6.4.6	Trust: 1.0
vendor:	fortinet	model:	fortios	scope:	gte	version:	6.4.0	Trust: 1.0
vendor:	fortinet	model:	fortiportal	scope:	gte	version:	5.0.0	Trust: 1.0
vendor:	fortinet	model:	fortimail	scope:	gte	version:	6.4.0	Trust: 1.0
vendor:	fortinet	model:	fortiproxy	scope:	eq	version:	7.0.1	Trust: 1.0
vendor:	fortinet	model:	fortianalyzer	scope:	lte	version:	7.0.2	Trust: 1.0
vendor:	fortinet	model:	fortimail	scope:	lte	version:	6.2.7	Trust: 1.0
vendor:	fortinet	model:	fortimail	scope:	gte	version:	7.0.0	Trust: 1.0
vendor:	fortinet	model:	fortivoice	scope:	lte	version:	6.0.10	Trust: 1.0
vendor:	fortinet	model:	fortirecorder	scope:	gte	version:	2.6.0	Trust: 1.0
vendor:	fortinet	model:	fortirecorder	scope:	lte	version:	6.4.2	Trust: 1.0
vendor:	fortinet	model:	fortiweb	scope:	eq	version:	6.4.0	Trust: 1.0
vendor:	fortinet	model:	fortivoice	scope:	lte	version:	6.4.4	Trust: 1.0
vendor:	fortinet	model:	fortiportal	scope:	lte	version:	6.0.10	Trust: 1.0
vendor:	fortinet	model:	fortiproxy	scope:	eq	version:	7.0.0	Trust: 1.0
vendor:	fortinet	model:	fortios-6k7k	scope:	eq	version:	6.4.2	Trust: 1.0
vendor:	fortinet	model:	fortimail	scope:	lte	version:	6.4.6	Trust: 1.0
vendor:	fortinet	model:	fortios	scope:	lte	version:	6.2.9	Trust: 1.0
vendor:	fortinet	model:	fortiswitch	scope:	lte	version:	7.0.3	Trust: 1.0
vendor:	fortinet	model:	fortiadc	scope:	lte	version:	6.2.2	Trust: 1.0
vendor:	fortinet	model:	fortiswitch	scope:	gte	version:	7.0.0	Trust: 1.0
vendor:	fortinet	model:	fortimanager	scope:	gte	version:	7.0.0	Trust: 1.0
vendor:	fortinet	model:	fortiadc	scope:	lte	version:	6.1.5	Trust: 1.0
vendor:	fortinet	model:	fortios-6k7k	scope:	lte	version:	6.2.8	Trust: 1.0
vendor:	fortinet	model:	fortios	scope:	lte	version:	6.4.7	Trust: 1.0
vendor:	fortinet	model:	fortios	scope:	gte	version:	6.2.0	Trust: 1.0
vendor:	fortinet	model:	fortiswitch	scope:	gte	version:	6.0.0	Trust: 1.0
vendor:	fortinet	model:	fortiadc	scope:	gte	version:	6.2.0	Trust: 1.0
vendor:	fortinet	model:	fortivoice	scope:	gte	version:	6.4.0	Trust: 1.0
vendor:	fortinet	model:	fortiweb	scope:	gte	version:	5.0.0	Trust: 1.0
vendor:	fortinet	model:	fortios	scope:	lte	version:	7.0.2	Trust: 1.0
vendor:	fortinet	model:	fortianalyzer	scope:	gte	version:	7.0.0	Trust: 1.0
vendor:	fortinet	model:	fortimanager	scope:	gte	version:	6.0.0	Trust: 1.0
vendor:	fortinet	model:	fortiweb	scope:	lte	version:	6.3.16	Trust: 1.0
vendor:	fortinet	model:	fortios	scope:	gte	version:	5.0.0	Trust: 1.0
vendor:	fortinet	model:	fortiadc	scope:	gte	version:	5.0.0	Trust: 1.0
vendor:	fortinet	model:	fortivoice	scope:	gte	version:	6.0.0	Trust: 1.0
vendor:	fortinet	model:	fortindr	scope:	lte	version:	1.5.2	Trust: 1.0
vendor:	fortinet	model:	fortianalyzer	scope:	gte	version:	6.0.0	Trust: 1.0
vendor:	fortinet	model:	fortirecorder	scope:	lte	version:	6.0.10	Trust: 1.0
vendor:	フォーティネット	model:	fortimanager	scope:	-	version:	-	Trust: 0.8
vendor:	フォーティネット	model:	fortios	scope:	-	version:	-	Trust: 0.8
vendor:	フォーティネット	model:	fortianalyzer	scope:	-	version:	-	Trust: 0.8
vendor:	フォーティネット	model:	fortiweb	scope:	-	version:	-	Trust: 0.8

sources: JVNDB: JVNDB-2021-016008 // NVD: CVE-2021-42757

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2021-42757
value:	MEDIUM
Trust: 1.0
psirt@fortinet.com:	CVE-2021-42757
value:	MEDIUM
Trust: 1.0
NVD:	CVE-2021-42757
value:	MEDIUM
Trust: 0.8
CNNVD:	CNNVD-202112-559
value:	MEDIUM
Trust: 0.6
VULHUB:	VHN-403819
value:	MEDIUM
Trust: 0.1

nvd@nist.gov:	CVE-2021-42757
severity:	MEDIUM
baseScore:	4.6
vectorString:	AV:L/AC:L/AU:N/C:P/I:P/A:P
accessVector:	LOCAL
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	3.9
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
VULHUB:	VHN-403819
severity:	MEDIUM
baseScore:	4.6
vectorString:	AV:L/AC:L/AU:N/C:P/I:P/A:P
accessVector:	LOCAL
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	3.9
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

nvd@nist.gov:	CVE-2021-42757
baseSeverity:	MEDIUM
baseScore:	6.7
vectorString:	CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
attackVector:	LOCAL
attackComplexity:	LOW
privilegesRequired:	HIGH
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	0.8
impactScore:	5.9
version:	3.1
Trust: 2.0
OTHER:	JVNDB-2021-016008
baseSeverity:	MEDIUM
baseScore:	6.7
vectorString:	CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
attackVector:	LOCAL
attackComplexity:	LOW
privilegesRequired:	HIGH
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8

sources: VULHUB: VHN-403819 // JVNDB: JVNDB-2021-016008 // CNNVD: CNNVD-202112-559 // NVD: CVE-2021-42757 // NVD: CVE-2021-42757

PROBLEMTYPE DATA

problemtype:	CWE-787	Trust: 1.0
problemtype:	Classic buffer overflow (CWE-120) [NVD evaluation ]	Trust: 0.8
problemtype:	CWE-120	Trust: 0.1

sources: VULHUB: VHN-403819 // JVNDB: JVNDB-2021-016008 // NVD: CVE-2021-42757

THREAT TYPE

local

Trust: 0.6

sources: CNNVD: CNNVD-202112-559

TYPE

other

Trust: 0.6

sources: CNNVD: CNNVD-202112-559

PATCH

title:	FG-IR-21-173	url:	https://www.fortiguard.com/psirt/FG-IR-21-173	Trust: 0.8
title:	Fortinet FortiOS Security vulnerabilities	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=173877	Trust: 0.6

sources: JVNDB: JVNDB-2021-016008 // CNNVD: CNNVD-202112-559

EXTERNAL IDS

db:	NVD	id:	CVE-2021-42757	Trust: 3.3
db:	JVNDB	id:	JVNDB-2021-016008	Trust: 0.8
db:	CNNVD	id:	CNNVD-202112-559	Trust: 0.6
db:	VULHUB	id:	VHN-403819	Trust: 0.1

sources: VULHUB: VHN-403819 // JVNDB: JVNDB-2021-016008 // CNNVD: CNNVD-202112-559 // NVD: CVE-2021-42757

REFERENCES

url:	https://fortiguard.com/advisory/fg-ir-21-173	Trust: 1.7
url:	https://nvd.nist.gov/vuln/detail/cve-2021-42757	Trust: 1.4
url:	https://vigilance.fr/vulnerability/fortios-buffer-overflow-via-tftp-client-library-37026	Trust: 0.6

sources: VULHUB: VHN-403819 // JVNDB: JVNDB-2021-016008 // CNNVD: CNNVD-202112-559 // NVD: CVE-2021-42757

SOURCES

db:	VULHUB	id:	VHN-403819
db:	JVNDB	id:	JVNDB-2021-016008
db:	CNNVD	id:	CNNVD-202112-559
db:	NVD	id:	CVE-2021-42757

LAST UPDATE DATE

2024-08-14T14:37:48.677000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-403819	date:	2021-12-09T00:00:00
db:	JVNDB	id:	JVNDB-2021-016008	date:	2022-12-05T06:18:00
db:	CNNVD	id:	CNNVD-202112-559	date:	2021-12-13T00:00:00
db:	NVD	id:	CVE-2021-42757	date:	2024-01-18T15:48:06.043

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-403819	date:	2021-12-08T00:00:00
db:	JVNDB	id:	JVNDB-2021-016008	date:	2022-12-05T00:00:00
db:	CNNVD	id:	CNNVD-202112-559	date:	2021-12-07T00:00:00
db:	NVD	id:	CVE-2021-42757	date:	2021-12-08T11:15:11.840