How severe is CVE-2021-41030?

CVE-2021-41030 has a CVSS v3 score of 5.4 (MEDIUM).

CVE-2021-41030

Name: forticlient_enterprise_management_server
Author: fortinet

5.4MEDIUM

An authentication bypass by capture-replay vulnerability [CWE-294] in FortiClient EMS versions 7.0.1 and below and 6.4.4 and below may allow an unauthenticated attacker to impersonate an existing user

Publicado: 12/8/2021Actualizado: 11/21/2024

Descripción

An authentication bypass by capture-replay vulnerability [CWE-294] in FortiClient EMS versions 7.0.1 and below and 6.4.4 and below may allow an unauthenticated attacker to impersonate an existing user by intercepting and re-using valid SAML authentication messages.

Análisis IAImpulsado por IA

Productos Afectados

fortinetforticlient_enterprise_management_server

7.0.0

fortinetforticlient_enterprise_management_server

7.0.1

Referencias

https://fortiguard.com/advisory/FG-IR-21-192
PatchVendor Advisory
https://fortiguard.com/advisory/FG-IR-21-192
PatchVendor Advisory