Multiple vulnerabilities in Fortinet FortiPortal

Published: 2021-11-16

Risk	Low
Patch available	YES
Number of vulnerabilities	2
CVE-ID	CVE-2021-36174 CVE-2021-36181
CWE-ID	CWE-789 CWE-362
Exploitation vector	Network
Public exploit	N/A
Vulnerable software Subscribe	FortiPortal Server applications / IDS/IPS systems, Firewalls and proxy servers
Vendor	Fortinet, Inc

Security Bulletin

This security bulletin contains information about 2 vulnerabilities.

1) Uncontrolled Memory Allocation

EUVDB-ID: #VU58183

Risk: Low

CVSSv3.1: 3.8 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-36174

CWE-ID: CWE-789 - Uncontrolled Memory Allocation

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to improper allocation of memory in the license verification function. A remote attacker can use a specially crafted license blobs and cause a denial of service condition on the target system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

FortiPortal: 4.0.0 - 6.0.5

External links

http://fortiguard.com/advisory/FG-IR-21-109

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to send a specially crafted request to the affected application in order to exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

2) Race condition

EUVDB-ID: #VU58186

Risk: Low

CVSSv3.1: 2.7 [CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-36181

CWE-ID: CWE-362 - Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')