Skip to main content

Fortianalyzer CVE-2021-32598

MEDIUM
HTTP Request/Response Smuggling (CWE-444)
2021-08-05 psirt@fortinet.com
4.3
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
4.3 MEDIUM
AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
Attack Vector
Network
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
None
Integrity
Low
Availability
None

Lifecycle Timeline

1
CVE Published
Aug 05, 2021 - 11:15 nvd
MEDIUM 4.3

DescriptionNVD

An improper neutralization of CRLF sequences in HTTP headers ('HTTP Response Splitting') vulnerability In FortiManager and FortiAnalyzer GUI 7.0.0, 6.4.6 and below, 6.2.8 and below, 6.0.11 and below, 5.6.11 and below may allow an authenticated and remote attacker to perform an HTTP request splitting attack which gives attackers control of the remaining headers and body of the response.

AnalysisAI

An improper neutralization of CRLF sequences in HTTP headers ('HTTP Response Splitting') vulnerability In FortiManager and FortiAnalyzer GUI 7.0.0, 6.4.6 and below, 6.2.8 and below, 6.0.11 and below,. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Technical ContextAI

This vulnerability is classified as HTTP Request/Response Smuggling (CWE-444), which allows attackers to manipulate HTTP request interpretation between frontend and backend servers. An improper neutralization of CRLF sequences in HTTP headers ('HTTP Response Splitting') vulnerability In FortiManager and FortiAnalyzer GUI 7.0.0, 6.4.6 and below, 6.2.8 and below, 6.0.11 and below, 5.6.11 and below may allow an authenticated and remote attacker to perform an HTTP request splitting attack which gives attackers control of the remaining headers and body of the response. Affected products include: Fortinet Fortianalyzer, Fortinet Fortimanager.

RemediationAI

No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Enforce strict HTTP parsing, normalize requests at proxy layer, use HTTP/2 end-to-end, reject ambiguous headers.

CVE-2023-25610 CRITICAL
9.8 Mar 24

A buffer underwrite ('buffer underflow') vulnerability in the administrative interface of Fortinet FortiOS version 7.2.0

CVE-2023-42788 MEDIUM POC
6.7 Oct 10

An improper neutralization of special elements used in an os command ('OS Command Injection') vulnerability [CWE-78] in

CVE-2023-44256 MEDIUM POC
6.5 Oct 20

A server-side request forgery vulnerability [CWE-918] in Fortinet FortiAnalyzer version 7.4.0, version 7.2.0 through 7.2

CVE-2023-42787 MEDIUM POC
6.5 Oct 10

A client-side enforcement of server-side security [CWE-602] vulnerability in Fortinet FortiManager version 7.4.0 and bef

CVE-2024-35276 CRITICAL
9.8 Jan 14

Remote code execution in Fortinet FortiManager and FortiAnalyzer (plus their Cloud variants) arises from a stack-based b

CVE-2024-23666 HIGH
8.8 Nov 12

A client-side enforcement of server-side security in Fortinet FortiAnalyzer-BigData at least version 7.4.0 and 7.2.0 thr

CVE-2022-22300 HIGH
8.8 Mar 01

A improper handling of insufficient permissions or privileges in Fortinet FortiAnalyzer version 5.6.0 through 5.6.11, Fo

CVE-2020-12817 HIGH
8.8 Sep 24

An improper neutralization of input vulnerability in FortiAnalyzer before 6.4.1 and 6.2.5 may allow a remote authenticat

CVE-2023-22642 HIGH
8.1 Apr 11

An improper certificate validation vulnerability [CWE-295] in FortiAnalyzer and FortiManager 7.2.0 through 7.2.1, 7.0.0

CVE-2024-45331 HIGH
7.8 Jan 16

Local privilege escalation in Fortinet FortiAnalyzer, FortiManager and their Cloud variants allows an already-authentica

CVE-2024-33503 HIGH
7.8 Jan 14

Local privilege escalation in Fortinet FortiManager (6.4.0-6.4.14, 7.0.0-7.0.12, 7.2.0-7.2.5, 7.4.0-7.4.3) and FortiAnal

CVE-2024-21757 HIGH
7.8 Aug 13

A unverified password change in Fortinet FortiManager versions 7.0.0 through 7.0.10, versions 7.2.0 through 7.2.4, and v

Share

CVE-2021-32598 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy