CVE-2021-26088 - OpenCVE

An improper authentication vulnerability in FSSO Collector version 5.0.295 and below may allow an unauthenticated user to bypass a FSSO firewall policy and access the protected network via sending specifically crafted UDP login notification packets.

No CVSS v4.0

Attack Vector Adjacent Network

Attack Complexity Low

Privileges Required None

Scope Changed

Confidentiality Impact Low

Integrity Impact Low

Availability Impact Low

User Interaction None

No CVSS v3.0

Access Vector Adjacent Network

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

AV:A/AC:L/Au:N/C:P/I:P/A:P

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Fortinet	Fortinet Single Sign-on

Configuration 1 [-]

OR	cpe:2.3:a:fortinet:fortinet_single_sign-on::::::::
	cpe:2.3:a:fortinet:fortinet_single_sign-on::::::::

No data.

References

Link	Providers
https://fortiguard.com/advisory/FG-IR-20-191

History

No history.

MITRE

Status: PUBLISHED

Assigner: fortinet

Published: 2021-07-12T13:21:41

Updated: 2024-08-03T20:19:19.607Z

Reserved: 2021-01-25T00:00:00

Link: CVE-2021-26088

Vulnrichment

No data.

NVD

Status : Analyzed

Published: 2021-07-12T14:15:08.113

Modified: 2021-08-02T17:48:37.477

Link: CVE-2021-26088

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "Fortinet FSSO Windows DC Agent, FSSO Windows CA", "vendor": "Fortinet", "versions": [{"status": "affected", "version": "FSSO Windows DC Agent 5.0.295, 5.0.294; FSSO Windows CA 5.0.295, 5.0.294"}]}], "descriptions": [{"lang": "en", "value": "An improper authentication vulnerability in FSSO Collector version 5.0.295 and below may allow an unauthenticated user to bypass a FSSO firewall policy and access the protected network via sending specifically crafted UDP login notification packets."}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "LOW", "baseScore": 7.1, "baseSeverity": "HIGH", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L", "version": "3.1"}}], "problemTypes": [{"descriptions": [{"description": "CWE 287 - Improper Authentication", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2021-07-12T13:21:41", "orgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8", "shortName": "fortinet"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "https://fortiguard.com/advisory/FG-IR-20-191"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "psirt@fortinet.com", "ID": "CVE-2021-26088", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Fortinet FSSO Windows DC Agent, FSSO Windows CA", "version": {"version_data": [{"version_value": "FSSO Windows DC Agent 5.0.295, 5.0.294; FSSO Windows CA 5.0.295, 5.0.294"}]}}]}, "vendor_name": "Fortinet"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "An improper authentication vulnerability in FSSO Collector version 5.0.295 and below may allow an unauthenticated user to bypass a FSSO firewall policy and access the protected network via sending specifically crafted UDP login notification packets."}]}, "impact": {"cvss": {"attackComplexity": "Low", "attackVector": "Adjacent", "availabilityImpact": "Low", "baseScore": 6.7, "baseSeverity": "Medium", "confidentialityImpact": "Low", "integrityImpact": "Low", "privilegesRequired": "None", "scope": "Changed", "userInteraction": "None", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L", "version": "3.1"}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE 287 - Improper Authentication"}]}]}, "references": {"reference_data": [{"name": "https://fortiguard.com/advisory/FG-IR-20-191", "refsource": "CONFIRM", "url": "https://fortiguard.com/advisory/FG-IR-20-191"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-03T20:19:19.607Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://fortiguard.com/advisory/FG-IR-20-191"}]}]}, "cveMetadata": {"assignerOrgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8", "assignerShortName": "fortinet", "cveId": "CVE-2021-26088", "datePublished": "2021-07-12T13:21:41", "dateReserved": "2021-01-25T00:00:00", "dateUpdated": "2024-08-03T20:19:19.607Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:fortinet:fortinet_single_sign-on:*:*:*:*:*:*:*:*", "matchCriteriaId": "B9C9AF5B-2891-4908-B559-186BD7B3CF3A", "versionEndExcluding": "6.4.6", "vulnerable": true}, {"criteria": "cpe:2.3:a:fortinet:fortinet_single_sign-on:*:*:*:*:*:*:*:*", "matchCriteriaId": "B8245F68-9860-40E6-9F45-8B1789FA5620", "versionEndExcluding": "7.0.1", "versionStartIncluding": "7.0.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "An improper authentication vulnerability in FSSO Collector version 5.0.295 and below may allow an unauthenticated user to bypass a FSSO firewall policy and access the protected network via sending specifically crafted UDP login notification packets."}, {"lang": "es", "value": "Una vulnerabilidad de autenticaci\u00f3n inapropiada en FSSO Collector versiones 5.0.295 de y posteriores, puede permitir a un usuario no autenticado omitir una pol\u00edtica de firewall de FSSO y acceder a la red protegida por medio del env\u00edo de paquetes de notificaci\u00f3n de inicio de sesi\u00f3n UDP espec\u00edficamente dise\u00f1ados"}], "id": "CVE-2021-26088", "lastModified": "2021-08-02T17:48:37.477", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "ADJACENT_NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:A/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 6.5, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.6, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 6.0, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "LOW", "baseScore": 7.1, "baseSeverity": "HIGH", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 3.7, "source": "psirt@fortinet.com", "type": "Secondary"}]}, "published": "2021-07-12T14:15:08.113", "references": [{"source": "psirt@fortinet.com", "tags": ["Vendor Advisory"], "url": "https://fortiguard.com/advisory/FG-IR-20-191"}], "sourceIdentifier": "psirt@fortinet.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-287"}], "source": "nvd@nist.gov", "type": "Primary"}]}