Sign-up

ID

VAR-202112-0381


CVE

CVE-2021-26109


TITLE

FortiOS  Integer overflow vulnerability in

Trust: 0.8

sources: JVNDB: JVNDB-2021-015995

DESCRIPTION

An integer overflow or wraparound vulnerability in the memory allocator of SSLVPN in FortiOS before 7.0.1 may allow an unauthenticated attacker to corrupt control data on the heap via specifically crafted requests to SSLVPN, resulting in potentially arbitrary code execution. FortiOS Exists in an integer overflow vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. Fortinet FortiOS is a set of security operating system dedicated to the FortiGate network security platform developed by Fortinet. The system provides users with various security functions such as firewall, anti-virus, IPSec/SSLVPN, Web content filtering and anti-spam

Trust: 1.71

sources: NVD: CVE-2021-26109 // JVNDB: JVNDB-2021-015995 // VULHUB: VHN-385073

AFFECTED PRODUCTS

vendor:fortinetmodel:fortiosscope:gteversion:6.2.0

Trust: 1.0

vendor:fortinetmodel:fortiosscope:lteversion:6.4.5

Trust: 1.0

vendor:fortinetmodel:fortiosscope:gteversion:6.4.0

Trust: 1.0

vendor:fortinetmodel:fortiosscope:gteversion:6.0.0

Trust: 1.0

vendor:fortinetmodel:fortiosscope:lteversion:6.2.9

Trust: 1.0

vendor:fortinetmodel:fortiosscope:lteversion:6.0.12

Trust: 1.0

vendor:fortinetmodel:fortiosscope:eqversion:7.0.0

Trust: 1.0

vendor:フォーティネットmodel:fortiosscope:eqversion:7.0.1

Trust: 0.8

vendor:フォーティネットmodel:fortiosscope:eqversion: -

Trust: 0.8

sources: JVNDB: JVNDB-2021-015995 // NVD: CVE-2021-26109

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2021-26109
value: CRITICAL

Trust: 1.0

psirt@fortinet.com: CVE-2021-26109
value: HIGH

Trust: 1.0

NVD: CVE-2021-26109
value: CRITICAL

Trust: 0.8

CNNVD: CNNVD-202112-529
value: CRITICAL

Trust: 0.6

VULHUB: VHN-385073
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-2021-26109
severity: HIGH
baseScore: 7.5
vectorString: AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

VULHUB: VHN-385073
severity: HIGH
baseScore: 7.5
vectorString: AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2021-26109
baseSeverity: CRITICAL
baseScore: 9.8
vectorString: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 3.9
impactScore: 5.9
version: 3.1

Trust: 1.0

psirt@fortinet.com: CVE-2021-26109
baseSeverity: HIGH
baseScore: 8.1
vectorString: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: HIGH
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 2.2
impactScore: 5.9
version: 3.1

Trust: 1.0

NVD: CVE-2021-26109
baseSeverity: CRITICAL
baseScore: 9.8
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: VULHUB: VHN-385073 // JVNDB: JVNDB-2021-015995 // CNNVD: CNNVD-202112-529 // NVD: CVE-2021-26109 // NVD: CVE-2021-26109

PROBLEMTYPE DATA

problemtype:CWE-190

Trust: 1.1

problemtype:Integer overflow or wraparound (CWE-190) [NVD evaluation ]

Trust: 0.8

sources: VULHUB: VHN-385073 // JVNDB: JVNDB-2021-015995 // NVD: CVE-2021-26109

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-202112-529

TYPE

input validation error

Trust: 0.6

sources: CNNVD: CNNVD-202112-529

PATCH

title:FG-IR-21-049url:https://www.fortiguard.com/psirt/FG-IR-21-049

Trust: 0.8

title:Fortinet FortiOS Enter the fix for the verification error vulnerabilityurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=174847

Trust: 0.6

sources: JVNDB: JVNDB-2021-015995 // CNNVD: CNNVD-202112-529

EXTERNAL IDS

db:NVDid:CVE-2021-26109

Trust: 3.3

db:JVNDBid:JVNDB-2021-015995

Trust: 0.8

db:CNNVDid:CNNVD-202112-529

Trust: 0.7

db:AUSCERTid:ESB-2021.4143

Trust: 0.6

db:CS-HELPid:SB2021120715

Trust: 0.6

db:VULHUBid:VHN-385073

Trust: 0.1

sources: VULHUB: VHN-385073 // JVNDB: JVNDB-2021-015995 // CNNVD: CNNVD-202112-529 // NVD: CVE-2021-26109

REFERENCES

url:https://fortiguard.com/advisory/fg-ir-21-049

Trust: 1.7

url:https://nvd.nist.gov/vuln/detail/cve-2021-26109

Trust: 1.4

url:https://www.auscert.org.au/bulletins/esb-2021.4143

Trust: 0.6

url:https://vigilance.fr/vulnerability/fortios-integer-overflow-via-sslvpn-allocator-37021

Trust: 0.6

url:https://www.cybersecurity-help.cz/vdb/sb2021120715

Trust: 0.6

sources: VULHUB: VHN-385073 // JVNDB: JVNDB-2021-015995 // CNNVD: CNNVD-202112-529 // NVD: CVE-2021-26109

SOURCES

db:VULHUBid:VHN-385073
db:JVNDBid:JVNDB-2021-015995
db:CNNVDid:CNNVD-202112-529
db:NVDid:CVE-2021-26109

LAST UPDATE DATE

2024-08-14T14:44:12.815000+00:00


SOURCES UPDATE DATE

db:VULHUBid:VHN-385073date:2021-12-09T00:00:00
db:JVNDBid:JVNDB-2021-015995date:2022-12-05T05:36:00
db:CNNVDid:CNNVD-202112-529date:2021-12-16T00:00:00
db:NVDid:CVE-2021-26109date:2021-12-09T20:52:35.520

SOURCES RELEASE DATE

db:VULHUBid:VHN-385073date:2021-12-08T00:00:00
db:JVNDBid:JVNDB-2021-015995date:2022-12-05T00:00:00
db:CNNVDid:CNNVD-202112-529date:2021-12-08T00:00:00
db:NVDid:CVE-2021-26109date:2021-12-08T13:15:07.660