ID

VAR-202112-0338


CVE

CVE-2021-42757


TITLE

FortiOS  of  TFTP  client library and  FortiOS  Classic buffer overflow vulnerability in

Trust: 0.8

sources: JVNDB: JVNDB-2021-016008

DESCRIPTION

A buffer overflow [CWE-121] in the TFTP client library of FortiOS before 6.4.7 and FortiOS 7.0.0 through 7.0.2, may allow an authenticated local attacker to achieve arbitrary code execution via specially crafted command line arguments. (DoS) It may be in a state

Trust: 1.71

sources: NVD: CVE-2021-42757 // JVNDB: JVNDB-2021-016008 // VULHUB: VHN-403819

AFFECTED PRODUCTS

vendor:fortinetmodel:fortiwebscope:eqversion:6.4.1

Trust: 1.0

vendor:fortinetmodel:fortimailscope:lteversion:7.0.2

Trust: 1.0

vendor:fortinetmodel:fortiproxyscope:gteversion:1.0.0

Trust: 1.0

vendor:fortinetmodel:fortimanagerscope:lteversion:6.4.7

Trust: 1.0

vendor:fortinetmodel:fortindrscope:gteversion:1.1.0

Trust: 1.0

vendor:fortinetmodel:fortimailscope:gteversion:5.4.0

Trust: 1.0

vendor:fortinetmodel:fortiswitchscope:lteversion:6.4.9

Trust: 1.0

vendor:fortinetmodel:fortiosscope:lteversion:6.0.13

Trust: 1.0

vendor:fortinetmodel:fortirecorderscope:gteversion:6.4.0

Trust: 1.0

vendor:fortinetmodel:fortiosscope:gteversion:7.0.0

Trust: 1.0

vendor:fortinetmodel:fortianalyzerscope:lteversion:6.4.7

Trust: 1.0

vendor:fortinetmodel:fortiproxyscope:lteversion:2.0.7

Trust: 1.0

vendor:fortinetmodel:fortimanagerscope:lteversion:7.0.2

Trust: 1.0

vendor:fortinetmodel:fortios-6k7kscope:eqversion:6.4.6

Trust: 1.0

vendor:fortinetmodel:fortiosscope:gteversion:6.4.0

Trust: 1.0

vendor:fortinetmodel:fortiportalscope:gteversion:5.0.0

Trust: 1.0

vendor:fortinetmodel:fortimailscope:gteversion:6.4.0

Trust: 1.0

vendor:fortinetmodel:fortiproxyscope:eqversion:7.0.1

Trust: 1.0

vendor:fortinetmodel:fortianalyzerscope:lteversion:7.0.2

Trust: 1.0

vendor:fortinetmodel:fortimailscope:lteversion:6.2.7

Trust: 1.0

vendor:fortinetmodel:fortimailscope:gteversion:7.0.0

Trust: 1.0

vendor:fortinetmodel:fortivoicescope:lteversion:6.0.10

Trust: 1.0

vendor:fortinetmodel:fortirecorderscope:gteversion:2.6.0

Trust: 1.0

vendor:fortinetmodel:fortirecorderscope:lteversion:6.4.2

Trust: 1.0

vendor:fortinetmodel:fortiwebscope:eqversion:6.4.0

Trust: 1.0

vendor:fortinetmodel:fortivoicescope:lteversion:6.4.4

Trust: 1.0

vendor:fortinetmodel:fortiportalscope:lteversion:6.0.10

Trust: 1.0

vendor:fortinetmodel:fortiproxyscope:eqversion:7.0.0

Trust: 1.0

vendor:fortinetmodel:fortios-6k7kscope:eqversion:6.4.2

Trust: 1.0

vendor:fortinetmodel:fortimailscope:lteversion:6.4.6

Trust: 1.0

vendor:fortinetmodel:fortiosscope:lteversion:6.2.9

Trust: 1.0

vendor:fortinetmodel:fortiswitchscope:lteversion:7.0.3

Trust: 1.0

vendor:fortinetmodel:fortiadcscope:lteversion:6.2.2

Trust: 1.0

vendor:fortinetmodel:fortiswitchscope:gteversion:7.0.0

Trust: 1.0

vendor:fortinetmodel:fortimanagerscope:gteversion:7.0.0

Trust: 1.0

vendor:fortinetmodel:fortiadcscope:lteversion:6.1.5

Trust: 1.0

vendor:fortinetmodel:fortios-6k7kscope:lteversion:6.2.8

Trust: 1.0

vendor:fortinetmodel:fortiosscope:lteversion:6.4.7

Trust: 1.0

vendor:fortinetmodel:fortiosscope:gteversion:6.2.0

Trust: 1.0

vendor:fortinetmodel:fortiswitchscope:gteversion:6.0.0

Trust: 1.0

vendor:fortinetmodel:fortiadcscope:gteversion:6.2.0

Trust: 1.0

vendor:fortinetmodel:fortivoicescope:gteversion:6.4.0

Trust: 1.0

vendor:fortinetmodel:fortiwebscope:gteversion:5.0.0

Trust: 1.0

vendor:fortinetmodel:fortiosscope:lteversion:7.0.2

Trust: 1.0

vendor:fortinetmodel:fortianalyzerscope:gteversion:7.0.0

Trust: 1.0

vendor:fortinetmodel:fortimanagerscope:gteversion:6.0.0

Trust: 1.0

vendor:fortinetmodel:fortiwebscope:lteversion:6.3.16

Trust: 1.0

vendor:fortinetmodel:fortiosscope:gteversion:5.0.0

Trust: 1.0

vendor:fortinetmodel:fortiadcscope:gteversion:5.0.0

Trust: 1.0

vendor:fortinetmodel:fortivoicescope:gteversion:6.0.0

Trust: 1.0

vendor:fortinetmodel:fortindrscope:lteversion:1.5.2

Trust: 1.0

vendor:fortinetmodel:fortianalyzerscope:gteversion:6.0.0

Trust: 1.0

vendor:fortinetmodel:fortirecorderscope:lteversion:6.0.10

Trust: 1.0

vendor:フォーティネットmodel:fortimanagerscope: - version: -

Trust: 0.8

vendor:フォーティネットmodel:fortiosscope: - version: -

Trust: 0.8

vendor:フォーティネットmodel:fortianalyzerscope: - version: -

Trust: 0.8

vendor:フォーティネットmodel:fortiwebscope: - version: -

Trust: 0.8

sources: JVNDB: JVNDB-2021-016008 // NVD: CVE-2021-42757

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2021-42757
value: MEDIUM

Trust: 1.0

psirt@fortinet.com: CVE-2021-42757
value: MEDIUM

Trust: 1.0

NVD: CVE-2021-42757
value: MEDIUM

Trust: 0.8

CNNVD: CNNVD-202112-559
value: MEDIUM

Trust: 0.6

VULHUB: VHN-403819
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2021-42757
severity: MEDIUM
baseScore: 4.6
vectorString: AV:L/AC:L/AU:N/C:P/I:P/A:P
accessVector: LOCAL
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 3.9
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

VULHUB: VHN-403819
severity: MEDIUM
baseScore: 4.6
vectorString: AV:L/AC:L/AU:N/C:P/I:P/A:P
accessVector: LOCAL
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 3.9
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2021-42757
baseSeverity: MEDIUM
baseScore: 6.7
vectorString: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: HIGH
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 0.8
impactScore: 5.9
version: 3.1

Trust: 2.0

OTHER: JVNDB-2021-016008
baseSeverity: MEDIUM
baseScore: 6.7
vectorString: CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: HIGH
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: VULHUB: VHN-403819 // JVNDB: JVNDB-2021-016008 // CNNVD: CNNVD-202112-559 // NVD: CVE-2021-42757 // NVD: CVE-2021-42757

PROBLEMTYPE DATA

problemtype:CWE-787

Trust: 1.0

problemtype:Classic buffer overflow (CWE-120) [NVD evaluation ]

Trust: 0.8

problemtype:CWE-120

Trust: 0.1

sources: VULHUB: VHN-403819 // JVNDB: JVNDB-2021-016008 // NVD: CVE-2021-42757

THREAT TYPE

local

Trust: 0.6

sources: CNNVD: CNNVD-202112-559

TYPE

other

Trust: 0.6

sources: CNNVD: CNNVD-202112-559

PATCH

title:FG-IR-21-173url:https://www.fortiguard.com/psirt/FG-IR-21-173

Trust: 0.8

title:Fortinet FortiOS Security vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=173877

Trust: 0.6

sources: JVNDB: JVNDB-2021-016008 // CNNVD: CNNVD-202112-559

EXTERNAL IDS

db:NVDid:CVE-2021-42757

Trust: 3.3

db:JVNDBid:JVNDB-2021-016008

Trust: 0.8

db:CNNVDid:CNNVD-202112-559

Trust: 0.6

db:VULHUBid:VHN-403819

Trust: 0.1

sources: VULHUB: VHN-403819 // JVNDB: JVNDB-2021-016008 // CNNVD: CNNVD-202112-559 // NVD: CVE-2021-42757

REFERENCES

url:https://fortiguard.com/advisory/fg-ir-21-173

Trust: 1.7

url:https://nvd.nist.gov/vuln/detail/cve-2021-42757

Trust: 1.4

url:https://vigilance.fr/vulnerability/fortios-buffer-overflow-via-tftp-client-library-37026

Trust: 0.6

sources: VULHUB: VHN-403819 // JVNDB: JVNDB-2021-016008 // CNNVD: CNNVD-202112-559 // NVD: CVE-2021-42757

SOURCES

db:VULHUBid:VHN-403819
db:JVNDBid:JVNDB-2021-016008
db:CNNVDid:CNNVD-202112-559
db:NVDid:CVE-2021-42757

LAST UPDATE DATE

2024-08-14T14:37:48.677000+00:00


SOURCES UPDATE DATE

db:VULHUBid:VHN-403819date:2021-12-09T00:00:00
db:JVNDBid:JVNDB-2021-016008date:2022-12-05T06:18:00
db:CNNVDid:CNNVD-202112-559date:2021-12-13T00:00:00
db:NVDid:CVE-2021-42757date:2024-01-18T15:48:06.043

SOURCES RELEASE DATE

db:VULHUBid:VHN-403819date:2021-12-08T00:00:00
db:JVNDBid:JVNDB-2021-016008date:2022-12-05T00:00:00
db:CNNVDid:CNNVD-202112-559date:2021-12-07T00:00:00
db:NVDid:CVE-2021-42757date:2021-12-08T11:15:11.840