virus logo PSIRT

[FAZ/FMG] Buffer overflow vulnerability in the IP parameter of the diagnose system geoip-city ip CLI command

Summary

A buffer overflow vulnerability in FortiAnalyzer and FortiManager CLI may allow an authenticated, local attacker to perform a Denial of Service attack by running the diagnose system geoip-city command with a large ip value. Fortinet is not aware of any successful exploitation of this vulnerability that would lead to code execution.

Affected Products

FortiAnalyzer versions 6.4.5 and below.
FortiAnalyzer versions 6.2.7 and below.
FortiAnalyzer versions 6.0.x
FortiManager versions 6.4.5 and below.
FortiManager versions 6.2.7 and below.
FortiManager versions 6.0.x

Solutions

Please upgrade to FortiAnalyzer version 7.0.0 or above.
Please upgrade to FortiAnalyzer version 6.4.6 or above.
Please upgrade to FortiAnalyzer version 6.2.8 or above.
Please upgrade to FortiManager version 7.0.0 or above.
Please upgrade to FortiManager version 6.4.6 or above.
Please upgrade to FortiManager version 6.2.8 or above.

Timeline

2021-07-07: Initial publication

IR Number FG-IR-20-194
Published Date Jul 7, 2021
Component CLI
Severity Medium
CVSSv3 Score 6.1
Impact Execute unauthorized code or commands
CVE ID CVE-2021-24022
CVRF Download