Lucene search

FortinetCVELIST:CVE-2021-26096

HistoryAug 04, 2021 - 5:57 p.m.

CVE-2021-26096

2021-08-0417:57:07

fortinet

www.cve.org

6.4 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

HIGH

Availability Impact

LOW

CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:H/A:L

9.1 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

40.5%

JSON

Multiple instances of heap-based buffer overflow in the command shell of FortiSandbox before 4.0.0 may allow an authenticated attacker to manipulate memory and alter its content by means of specifically crafted command line arguments.

CNA Affected

[
  {
    "product": "Fortinet FortiSandbox",
    "vendor": "Fortinet",
    "versions": [
      {
        "status": "affected",
        "version": "FortiSandbox before 4.0.0"
      }
    ]
  }
]

References

fortiguard.com/advisory/FG-IR-20-188

6.4 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

HIGH

Availability Impact

LOW

CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:H/A:L

9.1 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

40.5%

JSON

Related for CVELIST:CVE-2021-26096