[FAZ/FMG] Buffer overflow vulnerability in the IP parameter of the diagnose system geoip-city ip CLI command Fortinet PSIRT Advisories Fortinet PSIRT Contact: Website: https://fortiguard.fortinet.com/faq/psirt-contact FG-IR-20-194 Final 1 1 2021-07-07T00:00:00 Current version 2021-07-07T00:00:00 2021-07-07T00:00:00 A buffer overflow vulnerability in FortiAnalyzer and FortiManager CLI may allow an authenticated, local attacker to perform a Denial of Service attack by running the diagnose system geoip-city command with a large ip value. Fortinet is not aware of any successful exploitation of this vulnerability that would lead to code execution. Execute unauthorized code or commands FortiAnalyzer versions 6.4.5 and below.FortiAnalyzer versions 6.2.7 and below.FortiAnalyzer versions 6.0.xFortiManager versions 6.4.5 and below.FortiManager versions 6.2.7 and below.FortiManager versions 6.0.x Please upgrade to FortiAnalyzer version 7.0.0 or above.Please upgrade to FortiAnalyzer version 6.4.6 or above.Please upgrade to FortiAnalyzer version 6.2.8 or above.Please upgrade to FortiManager version 7.0.0 or above.Please upgrade to FortiManager version 6.4.6 or above.Please upgrade to FortiManager version 6.2.8 or above. CVE-2021-24022 6.1 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:X/RC:X https://fortiguard.fortinet.com/psirt/FG-IR-20-194 [FAZ/FMG] Buffer overflow vulnerability in the IP parameter of the diagnose system geoip-city ip CLI command Reference>