How severe is CVE-2021-41030?

CVE-2021-41030 has a CVSS v3 score of 5.4 (MEDIUM).

CVE-2021-41030

Name: forticlient_enterprise_management_server
Author: fortinet

5.4MEDIUM

An authentication bypass by capture-replay vulnerability [CWE-294] in FortiClient EMS versions 7.0.1 and below and 6.4.4 and below may allow an unauthenticated attacker to impersonate an existing user

公開日: 12/8/2021更新日: 11/21/2024

説明

An authentication bypass by capture-replay vulnerability [CWE-294] in FortiClient EMS versions 7.0.1 and below and 6.4.4 and below may allow an unauthenticated attacker to impersonate an existing user by intercepting and re-using valid SAML authentication messages.

AI分析AIによる分析

影響を受ける製品

fortinetforticlient_enterprise_management_server

7.0.0

fortinetforticlient_enterprise_management_server

7.0.1

参照

https://fortiguard.com/advisory/FG-IR-21-192
PatchVendor Advisory
https://fortiguard.com/advisory/FG-IR-21-192
PatchVendor Advisory