CVE-2021-42757

Published Dec 8, 2021
Last updated 10 months ago
CVSS medium 6.7
Overview

Description: A buffer overflow [CWE-121] in the TFTP client library of FortiOS before 6.4.7 and FortiOS 7.0.0 through 7.0.2, may allow an authenticated local attacker to achieve arbitrary code execution via specially crafted command line arguments.
Source: psirt@fortinet.com
NVD status: Analyzed
Risk scores

CVSS 3.1

Type: Primary
Base score: 6.7
Impact score: 5.9
Exploitability score: 0.8
Vector string: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Severity: MEDIUM
CVSS 2.0

Type: Primary
Base score: 4.6
Impact score: 6.4
Exploitability score: 3.9
Vector string: AV:L/AC:L/Au:N/C:P/I:P/A:P
Weaknesses

nvd@nist.gov: CWE-787
Hype score: Not currently trending
Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:fortinet:fortiadc:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D6DD5253-F76E-4799-BB45-79D7B7ACFFB1",
            "versionEndIncluding": "6.1.5",
            "versionStartIncluding": "5.0.0"
          },
          {
            "criteria": "cpe:2.3:a:fortinet:fortiadc:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "075C4223-7586-4799-AFA8-7B578BD144B5",
            "versionEndIncluding": "6.2.2",
            "versionStartIncluding": "6.2.0"
          },
          {
            "criteria": "cpe:2.3:a:fortinet:fortianalyzer:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "CF9AE101-566A-4460-AA97-18288BBD7639",
            "versionEndIncluding": "6.4.7",
            "versionStartIncluding": "6.0.0"
          },
          {
            "criteria": "cpe:2.3:a:fortinet:fortianalyzer:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "CCEB8E5F-BBF2-4E6E-91C6-AA47E2CAD022",
            "versionEndIncluding": "7.0.2",
            "versionStartIncluding": "7.0.0"
          },
          {
            "criteria": "cpe:2.3:a:fortinet:fortimail:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3E2DC5CE-ED48-48B7-8654-7B29A65A7454",
            "versionEndIncluding": "6.2.7",
            "versionStartIncluding": "5.4.0"
          },
          {
            "criteria": "cpe:2.3:a:fortinet:fortimail:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C0A5C345-7055-4F18-AE77-FF1DBE41AB89",
            "versionEndIncluding": "6.4.6",
            "versionStartIncluding": "6.4.0"
          },
          {
            "criteria": "cpe:2.3:a:fortinet:fortimail:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "43038EC9-6FD3-488C-8CA3-8B4A705C3E11",
            "versionEndIncluding": "7.0.2",
            "versionStartIncluding": "7.0.0"
          },
          {
            "criteria": "cpe:2.3:a:fortinet:fortimanager:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "958C238F-B3DD-41A7-801D-0C39143A5E09",
            "versionEndIncluding": "6.4.7",
            "versionStartIncluding": "6.0.0"
          },
          {
            "criteria": "cpe:2.3:a:fortinet:fortimanager:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7C5772DB-7F52-479C-914D-778552395990",
            "versionEndIncluding": "7.0.2",
            "versionStartIncluding": "7.0.0"
          },
          {
            "criteria": "cpe:2.3:a:fortinet:fortindr:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F49E4A60-2FA0-4298-BF2E-53C86AF21BEC",
            "versionEndIncluding": "1.5.2",
            "versionStartIncluding": "1.1.0"
          },
          {
            "criteria": "cpe:2.3:a:fortinet:fortios-6k7k:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "BEE493CA-7BE8-454A-82FD-11DB82D8FC3A",
            "versionEndIncluding": "6.2.8"
          },
          {
            "criteria": "cpe:2.3:a:fortinet:fortios-6k7k:6.4.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "59BD8EE9-6F94-4EA5-B22B-1B446A15F2A1"
          },
          {
            "criteria": "cpe:2.3:a:fortinet:fortios-6k7k:6.4.6:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "50BDB150-8E02-427D-A9FC-C7C3C90F0584"
          },
          {
            "criteria": "cpe:2.3:a:fortinet:fortiportal:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9D4A0E2F-41C7-4AFB-AC6D-83E7B1A5FC70",
            "versionEndIncluding": "6.0.10",
            "versionStartIncluding": "5.0.0"
          },
          {
            "criteria": "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "CEBD9074-C3A5-437E-AC44-C41E4B001980",
            "versionEndIncluding": "2.0.7",
            "versionStartIncluding": "1.0.0"
          },
          {
            "criteria": "cpe:2.3:a:fortinet:fortiproxy:7.0.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D909C90B-E136-4E8E-B551-FE0369172C1E"
          },
          {
            "criteria": "cpe:2.3:a:fortinet:fortiproxy:7.0.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "BBCB4E87-0AEC-487E-8FAD-E8F647DA21D5"
          },
          {
            "criteria": "cpe:2.3:a:fortinet:fortivoice:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "70E9D9A8-EFF1-4ABE-A04D-FD983443DD3A",
            "versionEndIncluding": "6.0.10",
            "versionStartIncluding": "6.0.0"
          },
          {
            "criteria": "cpe:2.3:a:fortinet:fortivoice:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E8611A25-64A1-4BCE-AA46-E47DFD607CB2",
            "versionEndIncluding": "6.4.4",
            "versionStartIncluding": "6.4.0"
          },
          {
            "criteria": "cpe:2.3:a:fortinet:fortiweb:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1FEA2E8B-78B6-40AA-9201-BDF4838950CC",
            "versionEndIncluding": "6.3.16",
            "versionStartIncluding": "5.0.0"
          },
          {
            "criteria": "cpe:2.3:a:fortinet:fortiweb:6.4.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "74A92A08-E6F6-4522-A6DA-061950AD3525"
          },
          {
            "criteria": "cpe:2.3:a:fortinet:fortiweb:6.4.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A6A3D2C4-C3FA-4E12-9156-DAFEA4E00BCC"
          },
          {
            "criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "BE1C5491-6C94-48A9-8D59-5162E576E54A",
            "versionEndIncluding": "6.0.13",
            "versionStartIncluding": "5.0.0"
          },
          {
            "criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C4C0308D-8E52-456B-BFC2-62D4C1E9BDC3",
            "versionEndIncluding": "6.2.9",
            "versionStartIncluding": "6.2.0"
          },
          {
            "criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D183D979-7F73-4D02-91B7-D0C93DE55A8F",
            "versionEndIncluding": "6.4.7",
            "versionStartIncluding": "6.4.0"
          },
          {
            "criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F2E9D423-721A-482B-BA6B-52E4D8C07C58",
            "versionEndIncluding": "7.0.2",
            "versionStartIncluding": "7.0.0"
          },
          {
            "criteria": "cpe:2.3:o:fortinet:fortirecorder_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D3E33B56-1975-4B78-A157-E0EADB3BC1B7",
            "versionEndIncluding": "6.0.10",
            "versionStartIncluding": "2.6.0"
          },
          {
            "criteria": "cpe:2.3:o:fortinet:fortirecorder_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1CB7DEA7-E461-43B0-98EB-CE436DE87D98",
            "versionEndIncluding": "6.4.2",
            "versionStartIncluding": "6.4.0"
          },
          {
            "criteria": "cpe:2.3:o:fortinet:fortiswitch:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C6E5A33E-F744-4CC0-ABA0-D1734845AFBB",
            "versionEndIncluding": "6.4.9",
            "versionStartIncluding": "6.0.0"
          },
          {
            "criteria": "cpe:2.3:o:fortinet:fortiswitch:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "BB3C99AC-DCA1-44A0-9671-F424109A6038",
            "versionEndIncluding": "7.0.3",
            "versionStartIncluding": "7.0.0"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]
Overview

Risk scores

CVSS 3.1

CVSS 2.0

Weaknesses

Social media

Configurations

References
