CVE-2021-41025

Multiple vulnerabilities in the authentication mechanism of confd in FortiWeb versions 6.4.1, 6.4.0, 6.3.0 through 6.3.15, 6.2.0 through 6.2.6, 6.1.0 through 6.1.2, 6.0.0 thorugh 6.0.7, including an instance of concurrent execution using shared resource with improper synchronization and one of authentication bypass by capture-replay, may allow a remote unauthenticated attacker to circumvent the authentication process and authenticate as a legitimate cluster peer.

Published: Dec 8, 2021
Updated: Apr 14, 2023
CVE: CVE-2021-41025
Severity: Critical
Exploit:

CVSS v3:

Severity: Critical
Score: 9.8
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CVSS v2:

Severity: High
Score: 7.5
AV:N/AC:L/Au:N/C:P/I:P/A:P

CWEs:

CWE-362

Affected Software
References

Software	From	Fixed in
fortinet / fortiweb	6.4.0	6.4.0.x
fortinet / fortiweb	6.3.0	6.3.15.x
fortinet / fortiweb	6.4.1	6.4.1.x
fortinet / fortiweb	6.1.0	6.1.0.x
fortinet / fortiweb	6.1.1	6.1.1.x
fortinet / fortiweb	6.0.0	6.0.7.x
fortinet / fortiweb	6.1.2	6.1.2.x
fortinet / fortiweb	6.2.0	6.2.6.x
fortinet / fortiweb	6.4.2	6.4.2.x

https://fortiguard.com/advisory/FG-IR-21-130

Vulnerability Database

289,784

CVE-2021-41025