Cybersecurity specialists report the discovery of multiple vulnerabilities in FortiManager and FortiAnalyzer, two solutions for management and analysis developed by Fortinet Inc. According to the report, the exploitation of this flaw would allow the deployment of multiple attack variants.
Below are brief descriptions of the reported flaws, in addition to their respective identification keys and scores according to the Common Vulnerability Scoring System (CVSS).
CVE-2021-32598: Vulnerable tools do not correctly process CRLF character sequences in fortiManager and FortiAnalyzer GUI, so a remote user can send a specially crafted request that contains the CRLF stream and have the application send a split HTTP response.
The vulnerability received a CVSS score of 3.8/10 and allows remote users to perform cache poisoning attacks.
CVE-2021-32587: Incorrect access restrictions in affected tools would allow authenticated remote users to retrieve other administrators’ user lists and their related settings.
The flaw received a CVSS score of 3.8/10 and its remote exploitation would allow remote users to gain unauthorized access to otherworldly restricted features.
CVE-2021-32603: Improper validation of user input in the FortiManager and FortiAnalyser GUI would allow remote users to send a specially crafted HTTP request and trick the application into initiating requests to arbitrary systems.
This flaw received a CVSS score of 7.1/10 and its successful exploitation would allow threat actors to deploy a server-side request spoofing (SSRF) attack.
CVE-2021-32597: Improper disinfection of data provided to in the FortiManager and FortiAnalyzer user interface would allow remote threat actors to trick the victim into following a specially crafted link and achieve arbitrary HTML code and script execution in the target user’s browser.
The vulnerability received a CVSS score of 5.3/10 and its successful exploitation would allow threat actors to deploy cross-site scripting (XSS) attacks.
All reported failures reside in the following products and software versions:
- FortiManager: 6.2.0, 6.2.1, 6.2.2, 6.2.3, 6.2.4, 6.2.5, 6.2.6, 6.2.7, 6.4.0, 6.4.1, 6.4.2, 6.4.3, 6.4.4, 6.4.5 & 7.0.0
- FortiAnalyzer: 6.2.0, 6.2.1, 6.2.2, 6.2.3, 6.2.4, 6.2.5, 6.2.6, 6.2.7, 6.4.0, 6.4.1, 6.4.2, 6.4.3, 6.4.4, 6.4.5 & 7.0.0
While vulnerabilities could be exploited by unauthenticated threat actors by sending specially crafted requests, no active exploit attempts have been detected so far. The flaws have already been addressed, so Fortinet recommends users of affected deployments update as soon as possible.
For further reports on vulnerabilities, exploits, malware variants, cybersecurity risks and information security courses fell free to visit the International Institute of Cyber Security (IICS) websites, as well as the official platforms of technology companies.
