PT-2021-3965 · Fortinet · FortiManager, FortiAnalyzer

Published

2021-06-30

·

Updated

2021-07-29

·

CVE-2021-24022

CVSS v3.1

6.7

Medium

Vector

AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions

FortiAnalyzer versions 6.4.5 and earlier, 6.2.7 and earlier, 6.0.x
FortiManager versions 6.4.5 and earlier, 6.2.7 and earlier, 6.0.x
Description

A buffer overflow in the diagnose system geoip-city CLI command of FortiManager and FortiAnalyzer may allow an authenticated local attacker to cause a denial of service by running the command with an oversized ip value. The command's implementation does not adequately bound the supplied value before writing it into a fixed-size buffer in memory, so an overlong argument overruns that buffer and crashes the handling process. Consistent with the CVSS vector (AV:L, PR:H), exploitation requires an account that already holds privileged CLI access to the appliance; there is no unauthenticated or remote trigger described for this issue.
Recommendations

For FortiAnalyzer and FortiManager versions 6.4.5 and earlier, 6.2.7 and earlier, and 6.0.x, treat the diagnose system geoip-city command as unsafe until a fixed release is installed: do not run it with long or untrusted ip values, and restrict it (or CLI access in general) to the smallest possible set of trusted administrator accounts, since only a privileged local user can trigger the overflow. Note that this is a CLI command, not an API endpoint; the exposure is through interactive or scripted administrator sessions. At the time of writing, this entry records no newer version containing a fix for the vulnerability; check Fortinet's advisory for the patched releases before relying on the workaround alone.
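To make the weakness class concrete, the following is an added example in C; it is not Fortinet's code and does not come from this advisory. It shows a hypothetical geoip-city command handler written in the vulnerable style (an unchecked strcpy of the ip argument into a 16-byte stack buffer) beside a hardened handler that bounds the argument length before any copy and then lets inet_pton() validate the dotted-quad syntax, which is the check the recommendations above are asking operators to compensate for by policy. The GEO_TABLE, the city names and the function names geoip_city_unsafe / geoip_city_safe are assumptions constructed for the example; the table uses RFC 5737 documentation prefixes rather than real GeoIP data.

```c
#include <stdio.h>
#include <stdint.h>
#include <string.h>
#include <arpa/inet.h>

/* Longest dotted-quad IPv4 string: "255.255.255.255" is 15 characters. */
#define IP_STR_MAX 15

/* Constructed sample GeoIP table (assumption for this example): each /24
 * maps to a made-up city. The prefixes are RFC 5737 documentation ranges. */
struct geo_entry { const char *prefix; const char *city; };
static const struct geo_entry GEO_TABLE[] = {
    { "192.0.2.0",    "Example-City-A" },
    { "198.51.100.0", "Example-City-B" },
    { "203.0.113.0",  "Example-City-C" },
};

/* Returns the city for the /24 containing addr, or "unknown" if no match. */
static const char *lookup_city(struct in_addr addr) {
    uint32_t net = ntohl(addr.s_addr) & 0xFFFFFF00u;
    for (size_t i = 0; i < sizeof GEO_TABLE / sizeof GEO_TABLE[0]; i++) {
        struct in_addr p;
        if (inet_pton(AF_INET, GEO_TABLE[i].prefix, &p) != 1) continue;
        if (ntohl(p.s_addr) == net) return GEO_TABLE[i].city;
    }
    return "unknown";
}

/* Vulnerable pattern (illustrative, hypothetical code, NOT Fortinet's):
 * the CLI argument is copied into a fixed 16-byte stack buffer with no
 * length check, so an "ip" value longer than 15 characters overruns the
 * buffer and corrupts the stack. This file only ever calls it with short
 * inputs; it exists for comparison with geoip_city_safe() below. */
const char *geoip_city_unsafe(const char *arg) {
    char ip[IP_STR_MAX + 1];
    strcpy(ip, arg);                     /* overflow when strlen(arg) > 15 */
    struct in_addr addr;
    if (inet_pton(AF_INET, ip, &addr) != 1) return "error: invalid ip";
    return lookup_city(addr);
}

/* Hardened handler: measure the argument without scanning past 16 bytes,
 * reject anything longer than a valid dotted quad before it touches the
 * fixed buffer, then let inet_pton() validate the syntax. Error strings
 * all begin with "error:" so callers can distinguish them from a city. */
const char *geoip_city_safe(const char *arg) {
    size_t n = 0;
    while (n <= IP_STR_MAX && arg[n] != '\0') n++;
    if (n > IP_STR_MAX) return "error: ip argument too long";
    char ip[IP_STR_MAX + 1];
    memcpy(ip, arg, n);
    ip[n] = '\0';
    struct in_addr addr;
    if (inet_pton(AF_INET, ip, &addr) != 1) return "error: invalid ip";
    return lookup_city(addr);
}

int main(void) {
    /* Constructed inputs: two table hits, a miss, a malformed value and an
     * oversized value of the kind the advisory describes. */
    const char *inputs[] = {
        "192.0.2.10", "203.0.113.77", "10.0.0.1", "999.1.1.1",
        "1111111111111111111111111111111111111111",
    };
    for (size_t i = 0; i < sizeof inputs / sizeof inputs[0]; i++)
        printf("diagnose system geoip-city %s -> %s\n",
               inputs[i], geoip_city_safe(inputs[i]));
    return 0;
}
```

The hardened handler reads at most 16 bytes of the argument while measuring it, so a multi-kilobyte value is refused before any copy happens; the unsafe variant has no such gate and is kept here only to show the pattern behind the advisory's description.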

Weakness Enumeration

Buffer Overflow

Related Identifiers

BDU:2021-04484
CVE-2021-24022

Affected Products

FortiAnalyzer
FortiManager