ID

VAR-202207-0115


CVE

CVE-2021-42755


TITLE

plural  Fortinet  Integer overflow vulnerability in product

Trust: 0.8

sources: JVNDB: JVNDB-2022-015239

DESCRIPTION

An integer overflow / wraparound vulnerability [CWE-190] in FortiSwitch 7.0.2 and below, 6.4.9 and below, 6.2.x, 6.0.x; FortiRecorder 6.4.2 and below, 6.0.10 and below; FortiOS 7.0.2 and below, 6.4.8 and below, 6.2.10 and below, 6.0.x; FortiProxy 7.0.0, 2.0.6 and below, 1.2.x, 1.1.x, 1.0.x; FortiVoiceEnterprise 6.4.3 and below, 6.0.10 and below dhcpd daemon may allow an unauthenticated and network adjacent attacker to crash the dhcpd deamon, resulting in potential denial of service. plural Fortinet The product contains an integer overflow vulnerability.Service operation interruption (DoS) It may be in a state

Trust: 1.8

sources: NVD: CVE-2021-42755 // JVNDB: JVNDB-2022-015239 // VULHUB: VHN-403817 // VULMON: CVE-2021-42755

AFFECTED PRODUCTS

vendor:fortinetmodel:fortivoicescope:eqversion:5.3.0

Trust: 1.0

vendor:fortinetmodel:fortiosscope:eqversion:6.4.5

Trust: 1.0

vendor:fortinetmodel:fortiosscope:eqversion:6.0.13

Trust: 1.0

vendor:fortinetmodel:fortiosscope:eqversion:5.6.10

Trust: 1.0

vendor:fortinetmodel:fortiosscope:eqversion:6.4.6

Trust: 1.0

vendor:fortinetmodel:fortiosscope:eqversion:6.2.8

Trust: 1.0

vendor:fortinetmodel:fortirecorderscope:eqversion:6.0.8

Trust: 1.0

vendor:fortinetmodel:fortiswitchscope:lteversion:7.0.2

Trust: 1.0

vendor:fortinetmodel:fortivoicescope:eqversion:6.4.0

Trust: 1.0

vendor:fortinetmodel:fortivoicescope:eqversion:6.0.6

Trust: 1.0

vendor:fortinetmodel:fortivoicescope:eqversion:5.3.17

Trust: 1.0

vendor:fortinetmodel:fortiosscope:eqversion:6.2.6

Trust: 1.0

vendor:fortinetmodel:fortiosscope:eqversion:6.4.1

Trust: 1.0

vendor:fortinetmodel:fortiproxyscope:lteversion:2.0.6

Trust: 1.0

vendor:fortinetmodel:fortiosscope:eqversion:6.0.3

Trust: 1.0

vendor:fortinetmodel:fortiosscope:eqversion:5.6.4

Trust: 1.0

vendor:fortinetmodel:fortivoicescope:eqversion:6.0.10

Trust: 1.0

vendor:fortinetmodel:fortivoicescope:eqversion:5.3.26

Trust: 1.0

vendor:fortinetmodel:fortiosscope:eqversion:6.4.2

Trust: 1.0

vendor:fortinetmodel:fortiosscope:eqversion:6.0.9

Trust: 1.0

vendor:fortinetmodel:fortivoicescope:eqversion:5.3.15

Trust: 1.0

vendor:fortinetmodel:fortivoicescope:eqversion:5.3.12

Trust: 1.0

vendor:fortinetmodel:fortiosscope:eqversion:6.0.14

Trust: 1.0

vendor:fortinetmodel:fortivoicescope:eqversion:6.0.7

Trust: 1.0

vendor:fortinetmodel:fortiosscope:eqversion:5.4.3

Trust: 1.0

vendor:fortinetmodel:fortiosscope:eqversion:5.6.12

Trust: 1.0

vendor:fortinetmodel:fortivoicescope:eqversion:5.3.20

Trust: 1.0

vendor:fortinetmodel:fortivoicescope:eqversion:6.4.3

Trust: 1.0

vendor:fortinetmodel:fortiosscope:eqversion:6.4.7

Trust: 1.0

vendor:fortinetmodel:fortiosscope:eqversion:6.2.4

Trust: 1.0

vendor:fortinetmodel:fortivoicescope:eqversion:6.0.1

Trust: 1.0

vendor:fortinetmodel:fortivoicescope:eqversion:5.3.21

Trust: 1.0

vendor:fortinetmodel:fortivoicescope:eqversion:5.3.13

Trust: 1.0

vendor:fortinetmodel:fortivoicescope:eqversion:6.0.4

Trust: 1.0

vendor:fortinetmodel:fortiproxyscope:eqversion:7.0.0

Trust: 1.0

vendor:fortinetmodel:fortivoicescope:eqversion:6.0.5

Trust: 1.0

vendor:fortinetmodel:fortiosscope:eqversion:5.6.13

Trust: 1.0

vendor:fortinetmodel:fortiosscope:eqversion:7.0.1

Trust: 1.0

vendor:fortinetmodel:fortivoicescope:eqversion:5.3.11

Trust: 1.0

vendor:fortinetmodel:fortiswitchscope:gteversion:6.4.0

Trust: 1.0

vendor:fortinetmodel:fortiosscope:eqversion:5.6.11

Trust: 1.0

vendor:fortinetmodel:fortivoicescope:eqversion:5.3.3

Trust: 1.0

vendor:fortinetmodel:fortivoicescope:eqversion:5.3.6

Trust: 1.0

vendor:fortinetmodel:fortiproxyscope:gteversion:2.0.0

Trust: 1.0

vendor:fortinetmodel:fortivoicescope:eqversion:5.3.22

Trust: 1.0

vendor:fortinetmodel:fortivoicescope:eqversion:5.3.23

Trust: 1.0

vendor:fortinetmodel:fortivoicescope:eqversion:6.0.2

Trust: 1.0

vendor:fortinetmodel:fortiosscope:eqversion:5.4.12

Trust: 1.0

vendor:fortinetmodel:fortiosscope:eqversion:6.2.1

Trust: 1.0

vendor:fortinetmodel:fortiswitchscope:gteversion:7.0.0

Trust: 1.0

vendor:fortinetmodel:fortiosscope:eqversion:6.4.0

Trust: 1.0

vendor:fortinetmodel:fortivoicescope:eqversion:5.3.8

Trust: 1.0

vendor:fortinetmodel:fortiosscope:eqversion:5.4.5

Trust: 1.0

vendor:fortinetmodel:fortiosscope:eqversion:6.0.6

Trust: 1.0

vendor:fortinetmodel:fortirecorderscope:eqversion:6.0.10

Trust: 1.0

vendor:fortinetmodel:fortiproxyscope:gteversion:1.1.0

Trust: 1.0

vendor:fortinetmodel:fortivoicescope:eqversion:5.3.1

Trust: 1.0

vendor:fortinetmodel:fortivoicescope:eqversion:6.0.8

Trust: 1.0

vendor:fortinetmodel:fortiosscope:eqversion:5.4.2

Trust: 1.0

vendor:fortinetmodel:fortiosscope:eqversion:6.0.10

Trust: 1.0

vendor:fortinetmodel:fortivoicescope:eqversion:5.3.16

Trust: 1.0

vendor:fortinetmodel:fortiosscope:eqversion:6.2.3

Trust: 1.0

vendor:fortinetmodel:fortivoicescope:eqversion:5.3.10

Trust: 1.0

vendor:fortinetmodel:fortivoicescope:eqversion:5.3.4

Trust: 1.0

vendor:fortinetmodel:fortiosscope:eqversion:5.4.1

Trust: 1.0

vendor:fortinetmodel:fortirecorderscope:eqversion:6.0.7

Trust: 1.0

vendor:fortinetmodel:fortivoicescope:eqversion:5.3.25

Trust: 1.0

vendor:fortinetmodel:fortiproxyscope:lteversion:1.0.7

Trust: 1.0

vendor:fortinetmodel:fortirecorderscope:eqversion:6.0.1

Trust: 1.0

vendor:fortinetmodel:fortivoicescope:eqversion:5.3.24

Trust: 1.0

vendor:fortinetmodel:fortivoicescope:eqversion:5.3.14

Trust: 1.0

vendor:fortinetmodel:fortiosscope:eqversion:6.0.7

Trust: 1.0

vendor:fortinetmodel:fortiosscope:eqversion:6.2.10

Trust: 1.0

vendor:fortinetmodel:fortiosscope:eqversion:6.4.3

Trust: 1.0

vendor:fortinetmodel:fortiswitchscope:gteversion:6.2.0

Trust: 1.0

vendor:fortinetmodel:fortiosscope:eqversion:6.0.1

Trust: 1.0

vendor:fortinetmodel:fortivoicescope:eqversion:5.3.5

Trust: 1.0

vendor:fortinetmodel:fortiosscope:eqversion:6.0.4

Trust: 1.0

vendor:fortinetmodel:fortirecorderscope:eqversion:6.4.1

Trust: 1.0

vendor:fortinetmodel:fortiosscope:eqversion:6.0.5

Trust: 1.0

vendor:fortinetmodel:fortiproxyscope:lteversion:1.1.6

Trust: 1.0

vendor:fortinetmodel:fortiosscope:eqversion:5.6.6

Trust: 1.0

vendor:fortinetmodel:fortiosscope:eqversion:6.2.0

Trust: 1.0

vendor:fortinetmodel:fortirecorderscope:eqversion:6.0.3

Trust: 1.0

vendor:fortinetmodel:fortiproxyscope:gteversion:1.0.0

Trust: 1.0

vendor:fortinetmodel:fortiosscope:eqversion:6.0.2

Trust: 1.0

vendor:fortinetmodel:fortiosscope:eqversion:5.4.13

Trust: 1.0

vendor:fortinetmodel:fortiosscope:eqversion:6.2.5

Trust: 1.0

vendor:fortinetmodel:fortirecorderscope:eqversion:6.4.2

Trust: 1.0

vendor:fortinetmodel:fortiosscope:eqversion:5.6.8

Trust: 1.0

vendor:fortinetmodel:fortirecorderscope:eqversion:6.0.9

Trust: 1.0

vendor:fortinetmodel:fortiswitchscope:lteversion:6.4.9

Trust: 1.0

vendor:fortinetmodel:fortiosscope:eqversion:6.0.8

Trust: 1.0

vendor:fortinetmodel:fortiosscope:eqversion:5.6.1

Trust: 1.0

vendor:fortinetmodel:fortivoicescope:eqversion:6.0.0

Trust: 1.0

vendor:fortinetmodel:fortiosscope:eqversion:5.4.9

Trust: 1.0

vendor:fortinetmodel:fortiosscope:eqversion:5.6.5

Trust: 1.0

vendor:fortinetmodel:fortiosscope:eqversion:5.4.10

Trust: 1.0

vendor:fortinetmodel:fortiosscope:eqversion:6.2.2

Trust: 1.0

vendor:fortinetmodel:fortiosscope:eqversion:5.6.0

Trust: 1.0

vendor:fortinetmodel:fortiosscope:eqversion:6.2.9

Trust: 1.0

vendor:fortinetmodel:fortivoicescope:eqversion:5.3.19

Trust: 1.0

vendor:fortinetmodel:fortiswitchscope:lteversion:6.2.7

Trust: 1.0

vendor:fortinetmodel:fortiosscope:eqversion:5.4.0

Trust: 1.0

vendor:fortinetmodel:fortiswitchscope:lteversion:6.0.7

Trust: 1.0

vendor:fortinetmodel:fortirecorderscope:eqversion:6.4.0

Trust: 1.0

vendor:fortinetmodel:fortirecorderscope:eqversion:6.0.6

Trust: 1.0

vendor:fortinetmodel:fortivoicescope:eqversion:5.3.7

Trust: 1.0

vendor:fortinetmodel:fortiosscope:eqversion:6.0.11

Trust: 1.0

vendor:fortinetmodel:fortivoicescope:eqversion:5.3.18

Trust: 1.0

vendor:fortinetmodel:fortiosscope:eqversion:7.0.2

Trust: 1.0

vendor:fortinetmodel:fortiosscope:eqversion:5.4.4

Trust: 1.0

vendor:fortinetmodel:fortiosscope:eqversion:5.6.7

Trust: 1.0

vendor:fortinetmodel:fortiosscope:eqversion:5.6.14

Trust: 1.0

vendor:fortinetmodel:fortiosscope:eqversion:6.0.12

Trust: 1.0

vendor:fortinetmodel:fortiosscope:eqversion:7.0.0

Trust: 1.0

vendor:fortinetmodel:fortiproxyscope:gteversion:1.2.0

Trust: 1.0

vendor:fortinetmodel:fortivoicescope:eqversion:6.4.1

Trust: 1.0

vendor:fortinetmodel:fortirecorderscope:eqversion:6.0.0

Trust: 1.0

vendor:fortinetmodel:fortiswitchscope:gteversion:6.0.0

Trust: 1.0

vendor:fortinetmodel:fortivoicescope:eqversion:6.0.3

Trust: 1.0

vendor:fortinetmodel:fortiosscope:eqversion:5.4.8

Trust: 1.0

vendor:fortinetmodel:fortiosscope:eqversion:5.6.9

Trust: 1.0

vendor:fortinetmodel:fortivoicescope:eqversion:5.3.2

Trust: 1.0

vendor:fortinetmodel:fortiosscope:eqversion:6.0.0

Trust: 1.0

vendor:fortinetmodel:fortivoicescope:eqversion:6.4.2

Trust: 1.0

vendor:fortinetmodel:fortiosscope:eqversion:5.4.11

Trust: 1.0

vendor:fortinetmodel:fortiosscope:eqversion:5.4.7

Trust: 1.0

vendor:fortinetmodel:fortiosscope:eqversion:5.6.2

Trust: 1.0

vendor:fortinetmodel:fortiosscope:eqversion:6.4.4

Trust: 1.0

vendor:fortinetmodel:fortivoicescope:eqversion:6.0.9

Trust: 1.0

vendor:fortinetmodel:fortirecorderscope:eqversion:6.0.4

Trust: 1.0

vendor:fortinetmodel:fortirecorderscope:eqversion:6.0.5

Trust: 1.0

vendor:fortinetmodel:fortiproxyscope:lteversion:1.2.13

Trust: 1.0

vendor:fortinetmodel:fortirecorderscope:eqversion:6.0.2

Trust: 1.0

vendor:fortinetmodel:fortiosscope:eqversion:6.2.7

Trust: 1.0

vendor:fortinetmodel:fortiosscope:eqversion:5.6.3

Trust: 1.0

vendor:fortinetmodel:fortiosscope:eqversion:5.4.6

Trust: 1.0

vendor:フォーティネットmodel:fortirecorderscope: - version: -

Trust: 0.8

vendor:フォーティネットmodel:fortiosscope: - version: -

Trust: 0.8

vendor:フォーティネットmodel:fortivoicescope: - version: -

Trust: 0.8

vendor:フォーティネットmodel:fortiswitchscope: - version: -

Trust: 0.8

vendor:フォーティネットmodel:fortiproxyscope: - version: -

Trust: 0.8

sources: JVNDB: JVNDB-2022-015239 // NVD: CVE-2021-42755

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2021-42755
value: MEDIUM

Trust: 1.0

psirt@fortinet.com: CVE-2021-42755
value: MEDIUM

Trust: 1.0

OTHER: JVNDB-2022-015239
value: MEDIUM

Trust: 0.8

CNNVD: CNNVD-202207-378
value: MEDIUM

Trust: 0.6

nvd@nist.gov: CVE-2021-42755
baseSeverity: MEDIUM
baseScore: 4.3
vectorString: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
attackVector: ADJACENT
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: LOW
exploitabilityScore: 2.8
impactScore: 1.4
version: 3.1

Trust: 2.0

OTHER: JVNDB-2022-015239
baseSeverity: MEDIUM
baseScore: 4.3
vectorString: CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
attackVector: ADJACENT NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: LOW
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: JVNDB: JVNDB-2022-015239 // CNNVD: CNNVD-202207-378 // NVD: CVE-2021-42755 // NVD: CVE-2021-42755

PROBLEMTYPE DATA

problemtype:CWE-190

Trust: 1.1

problemtype:Integer overflow or wraparound (CWE-190) [NVD evaluation ]

Trust: 0.8

sources: VULHUB: VHN-403817 // JVNDB: JVNDB-2022-015239 // NVD: CVE-2021-42755

THREAT TYPE

remote or local

Trust: 0.6

sources: CNNVD: CNNVD-202207-378

TYPE

input validation error

Trust: 0.6

sources: CNNVD: CNNVD-202207-378

PATCH

title:FG-IR-21-155url:https://www.fortiguard.com/psirt/FG-IR-21-155

Trust: 0.8

title:Fortinet FortiVoice Enter the fix for the verification error vulnerabilityurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=198709

Trust: 0.6

sources: JVNDB: JVNDB-2022-015239 // CNNVD: CNNVD-202207-378

EXTERNAL IDS

db:NVDid:CVE-2021-42755

Trust: 3.4

db:JVNDBid:JVNDB-2022-015239

Trust: 0.8

db:CS-HELPid:SB2022070520

Trust: 0.6

db:AUSCERTid:ESB-2022.3308

Trust: 0.6

db:CNNVDid:CNNVD-202207-378

Trust: 0.6

db:VULHUBid:VHN-403817

Trust: 0.1

db:VULMONid:CVE-2021-42755

Trust: 0.1

sources: VULHUB: VHN-403817 // VULMON: CVE-2021-42755 // JVNDB: JVNDB-2022-015239 // CNNVD: CNNVD-202207-378 // NVD: CVE-2021-42755

REFERENCES

url:https://fortiguard.com/psirt/fg-ir-21-155

Trust: 1.8

url:https://nvd.nist.gov/vuln/detail/cve-2021-42755

Trust: 0.8

url:https://www.cybersecurity-help.cz/vdb/sb2022070520

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2022.3308

Trust: 0.6

url:https://cxsecurity.com/cveshow/cve-2021-42755/

Trust: 0.6

url:https://vigilance.fr/vulnerability/fortinet-fortios-integer-overflow-via-dhcpd-38738

Trust: 0.6

url:https://nvd.nist.gov

Trust: 0.1

sources: VULHUB: VHN-403817 // VULMON: CVE-2021-42755 // JVNDB: JVNDB-2022-015239 // CNNVD: CNNVD-202207-378 // NVD: CVE-2021-42755

SOURCES

db:VULHUBid:VHN-403817
db:VULMONid:CVE-2021-42755
db:JVNDBid:JVNDB-2022-015239
db:CNNVDid:CNNVD-202207-378
db:NVDid:CVE-2021-42755

LAST UPDATE DATE

2024-08-14T14:02:31.490000+00:00


SOURCES UPDATE DATE

db:VULHUBid:VHN-403817date:2022-07-25T00:00:00
db:VULMONid:CVE-2021-42755date:2022-07-18T00:00:00
db:JVNDBid:JVNDB-2022-015239date:2023-09-26T02:13:00
db:CNNVDid:CNNVD-202207-378date:2022-07-29T00:00:00
db:NVDid:CVE-2021-42755date:2024-01-18T15:48:06.043

SOURCES RELEASE DATE

db:VULHUBid:VHN-403817date:2022-07-18T00:00:00
db:VULMONid:CVE-2021-42755date:2022-07-18T00:00:00
db:JVNDBid:JVNDB-2022-015239date:2023-09-26T00:00:00
db:CNNVDid:CNNVD-202207-378date:2022-07-05T00:00:00
db:NVDid:CVE-2021-42755date:2022-07-18T17:15:08.413