SAML SSO replay attack Fortinet PSIRT Advisories Fortinet PSIRT Contact: Website: https://fortiguard.fortinet.com/faq/psirt-contact FG-IR-21-192 Final 1 1 2021-12-07T00:00:00 Current version 2021-12-07T00:00:00 2021-12-07T00:00:00 An authentication bypass by capture-replay vulnerability [CWE-294] in FortiClient EMS may allow an unauthenticated attacker to impersonate an existing user by intercepting and re-using valid SAML authentication messages. None Escalation of privilege FortiClientEMS version 7.0.1 and below.FortiClientEMS version 6.4.4 and below. Please upgrade to FortiClientEMS version 6.4.7 or above.Please upgrade to FortiClientEMS version 7.0.2 or above. Internally discovered and reported by Fortinet CVE-2021-41030 5.0 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N/E:F/RL:O/RC:C https://fortiguard.fortinet.com/psirt/FG-IR-21-192 SAML SSO replay attack Reference>