Authentication Bypass in FortiClient EMS by Fortinet
CVE-2021-41030

5.4MEDIUM

Key Information:

Vendor: Fortinet
Status: Fortinet Forticlientems
Vendor: CVE Published:; 8 December 2021

Summary

An authentication bypass vulnerability exists in FortiClient EMS versions 7.0.1 and below and 6.4.4 and below, which could be exploited by an unauthenticated attacker. This flaw allows the attacker to impersonate existing users by intercepting and reusing valid SAML authentication messages, effectively bypassing authentication mechanisms and posing a significant risk to the security of the affected systems.

Affected Version(s)

Fortinet FortiClientEMS FortiClientEMS 7.0.1, 7.0.0, 6.4.4, 6.4.3, 6.4.2, 6.4.1, 6.4.0, 6.2.9, 6.2.8, 6.2.7, 6.2.6, 6.2.4, 6.2.3, 6.2.2, 6.2.1, 6.2.0

References

https://fortiguard.com/advisory/FG-IR-21-192

x_refsource_CONFIRM

CVSS V3.1

Score:

5.4

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Adjacent Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Dec 8, 2021
Vulnerability Reserved
Sep 13, 2021