CVE-2023-48788 – Fortinet FortiClient EMS SQL Injection Vulnerability
https://notcve.org/view.php?id=CVE-2023-48788
A improper neutralization of special elements used in an sql command ('sql injection') in Fortinet FortiClientEMS version 7.2.0 through 7.2.2, FortiClientEMS 7.0.1 through 7.0.10 allows attacker to execute unauthorized code or commands via specially crafted packets. Una neutralización inadecuada de elementos especiales utilizados en un comando sql ("inyección sql") en Fortinet FortiClientEMS versión 7.2.0 a 7.2.2, FortiClientEMS 7.0.1 a 7.0.10 permite a un atacante ejecutar código o comandos no autorizados a través de paquetes especialmente manipulados. A remote SQL injection vulnerability exists in FortiNet FortiClient EMS (Endpoint Management Server) versions 7.2.0 through 7.2.2 and 7.0.1 through 7.0.10. FortiClient EMS serves as an endpoint management solution tailored for enterprises, offering a centralized platform for overseeing enrolled endpoints. The SQL injection vulnerability is due to user controller strings which can be sent directly into database queries. • https://github.com/horizon3ai/CVE-2023-48788 https://fortiguard.com/psirt/FG-IR-24-007 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVE-2023-45581
https://notcve.org/view.php?id=CVE-2023-45581
An improper privilege management vulnerability [CWE-269] in Fortinet FortiClientEMS version 7.2.0 through 7.2.2 and before 7.0.10 allows an Site administrator with Super Admin privileges to perform global administrative operations affecting other sites via crafted HTTP or HTTPS requests. Una vulnerabilidad de administración de privilegios inadecuada [CWE-269] en Fortinet FortiClientEMS versión 7.2.0 a 7.2.2 y anteriores a 7.0.10 permite a un administrador del sitio con privilegios de superadministrador realizar operaciones administrativas globales que afectan a otros sitios a través de solicitudes HTTP o HTTPS manipuladas. • https://fortiguard.com/psirt/FG-IR-23-357 • CWE-269: Improper Privilege Management •
CVE-2021-36189
https://notcve.org/view.php?id=CVE-2021-36189
A missing encryption of sensitive data in Fortinet FortiClientEMS version 7.0.1 and below, version 6.4.4 and below allows attacker to information disclosure via inspecting browser decrypted data Una falta de encriptación de datos confidenciales en Fortinet FortiClientEMS versión 7.0.1 y anteriores, versión 6.4.4 y anteriores permite a un atacante la divulgación de información por medio de la inspección de los datos descifrados del navegador • https://fortiguard.com/advisory/FG-IR-21-140 • CWE-311: Missing Encryption of Sensitive Data •
CVE-2021-41030
https://notcve.org/view.php?id=CVE-2021-41030
An authentication bypass by capture-replay vulnerability [CWE-294] in FortiClient EMS versions 7.0.1 and below and 6.4.4 and below may allow an unauthenticated attacker to impersonate an existing user by intercepting and re-using valid SAML authentication messages. Una vulnerabilidad de omisión de autenticación por captura-repetición [CWE-294] en FortiClient EMS versiones 7.0.1 y anteriores y versiones 6.4.4 y anteriores, puede permitir a un atacante no autenticado hacerse pasar por un usuario existente al interceptar y reusar mensajes de autenticación SAML válidos • https://fortiguard.com/advisory/FG-IR-21-192 • CWE-294: Authentication Bypass by Capture-replay •