Fortiguard

FortiWeb - Multiple vulnerabilities in the authentication mechanism of confd

Summary

Multiple vulnerabilities in the authentication mechanism of FortiWeb's confd, including an instance of concurrent execution using shared resource with improper synchronization [CWE-362] and one of authentication bypass by capture-replay [CWE-294], may allow a remote unauthenticated attacker to circumvent the authentication process and authenticate as a legitimate cluster peer.

Affected Products

FortiWeb versions 6.4.1 and below.
FortiWeb versions 6.3.15 and below.
FortiWeb versions 6.2.6 and below.
FortiWeb versions 6.1.2 and below.
FortiWeb versions 6.3.15 and below.
FortiWeb versions 6.0.7 and below.
FortiADC versions 7.0.2 and below.
FortiADC versions 6.2.4 and below.
FortiADC 6.1, 6.0, 5.4, 5.3, 5.2,5.1,5.0 all versions

Solutions

Please upgrade to FortiWeb 7.0.0 or above.
Please upgrade to FortiWeb 6.4.2 or above.
Please upgrade to FortiWeb 6.3.16 or above.

Please upgrade to FortiADC version 7.1.0 or above
Please upgrade to FortiADC version 7.0.3 or above
Please upgrade to FortiADC version 6.2.5 or above

Acknowledgement

Internally discovered and reported by Giuseppe Cocomazzi of Fortinet Product Security team.

IR Number	FG-IR-21-130
Date	Dec 7, 2021
Severity	Medium
CVSSv3 Score	6.9
Impact	Improper access control
CVE ID	CVE-tmp-2021-2684
CVRF	Download

Network

Files and Endpoint

Application

Additional SOC Services

PSIRT Advisories

FortiWeb - Multiple vulnerabilities in the authentication mechanism of confd

Summary

Affected Products

Solutions

Acknowledgement

News / Research

Network

Files and Endpoint

Application

Additional SOC Services

FortiGate

FortiDeceptor

FortiClient

FortiMail

FortiEDR

FortiADC

FortiAnalyzer

FortiCWP

FortiWeb

FortiNDR

FortiSandBox

FortiTester

Threat Lookup

PSIRT

Resources

PSIRT Advisories

FortiWeb - Multiple vulnerabilities in the authentication mechanism of confd

Summary

Affected Products

Solutions

Acknowledgement