Description
An authentication bypass by capture-replay vulnerability [CWE-294] in FortiClient EMS versions 7.0.1 and below and 6.4.4 and below may allow an unauthenticated attacker to impersonate an existing user by intercepting and re-using valid SAML authentication messages.
References
- Patch, Vendor Advisory
- Patch, Vendor Advisory
Vulnerable configurations
Configuration 1: version from 6.2.0 (inclusive) to 6.2.9 (inclusive); version from 6.4.0 (inclusive) to 6.4.4 (inclusive)
One of:
cpe:2.3:a:fortinet:forticlient_enterprise_management_server:*:*:*:*:*:*:*:*
cpe:2.3:a:fortinet:forticlient_enterprise_management_server:*:*:*:*:*:*:*:*
cpe:2.3:a:fortinet:forticlient_enterprise_management_server:7.0.0:*:*:*:*:*:*:*
cpe:2.3:a:fortinet:forticlient_enterprise_management_server:7.0.1:*:*:*:*:*:*:*
EPSS
Percentile: 46%
Score: 0.00237 (Low)
CVSS3: 5.4 Medium
CVSS3: 9.1 Critical
CVSS2: 6.4 Medium
Weaknesses (CWE)
CWE-294
Related vulnerabilities
- github, about 4 years ago