=====================================================================
CERT-Renater Information Note No. 2021/VULN101
____________________________________________________________________
DATE                 : 02/03/2022
HARDWARE PLATFORM(S) : /
OPERATING SYSTEM(S)  : Systems running FortiWLM versions prior to 8.6.3.
=====================================================================

https://www.fortiguard.com/psirt/FG-IR-21-106
https://www.fortiguard.com/psirt/FG-IR-21-189
https://www.fortiguard.com/psirt/FG-IR-21-128

_____________________________________________________________________

IR Number          FG-IR-21-106
Date               Mar 1, 2022
CVSSv3 Score       5.3
Impact             Information disclosure
CVE ID             CVE-2021-43070
Affected Products  FortiWLM: 8.6.2, 8.6.1, 8.6.0, 8.5.3, 8.5.2, 8.5.1, 8.5.0,
                   8.4.2, 8.4.1, 8.4.0, 8.3.2, 8.3.1, 8.3.0, 8.2.2

FortiWLM - Path traversal vulnerability

Summary
Multiple relative path traversal vulnerabilities [CWE-23] in the FortiWLM
management interface may allow an authenticated attacker to retrieve
arbitrary files from the underlying filesystem via specially crafted web
requests.

Affected Products
FortiWLM versions 8.6.2 and below.
FortiWLM versions 8.5.2 and below.
FortiWLM versions 8.4.2 and below.
FortiWLM versions 8.3.3 and below.

Solutions
Upgrade to FortiWLM 8.6.3 or above.

_____________________________________________________________________

IR Number          FG-IR-21-189
Date               Mar 1, 2022
CVSSv3 Score       8.3
Impact             Execute unauthorized code or commands
CVE ID             CVE-2021-43077
Affected Products  FortiWLM: 8.6.2, 8.6.1, 8.6.0, 8.5.3, 8.5.2, 8.5.1, 8.5.0,
                   8.4.2, 8.4.1, 8.4.0, 8.3.2, 8.3.1, 8.3.0, 8.2.2

FortiWLM - SQL Injection in AP report handlers

Summary
An improper neutralization of special elements used in an SQL command
('SQL Injection') vulnerability [CWE-89] in FortiWLM may allow an
authenticated attacker to alter the query logic and execute arbitrary SQL
statements via crafted HTTP requests to the AP monitor handlers.

Affected Products
FortiWLM version 8.6.2 and below.
FortiWLM version 8.5.2 and below.
FortiWLM version 8.4.2 and below.
FortiWLM version 8.3.2 and below.

Solutions
Upgrade to FortiWLM version 8.6.3 or above.

Acknowledgement
Internally discovered and reported by Mattia Fecit of the Fortinet Product
Security Team.

_____________________________________________________________________

IR Number          FG-IR-21-128
Date               Mar 1, 2022
CVSSv3 Score       8.3
Impact             Execute unauthorized code or commands
CVE ID             CVE-2021-43075
Affected Products  FortiWLM: 8.6.2, 8.6.1, 8.6.0, 8.5.3, 8.5.2, 8.5.1, 8.5.0,
                   8.4.2, 8.4.1, 8.4.0, 8.3.2, 8.3.1, 8.3.0, 8.2.2

FortiWLM - Command Injection in script handlers

Summary
An improper neutralization of special elements used in an OS command
('OS Command Injection') vulnerability [CWE-78] in FortiWLM may allow an
authenticated attacker to execute arbitrary shell commands via crafted HTTP
requests to the alarm dashboard and controller config handlers.

Affected Products
FortiWLM version 8.6.2 and below.
FortiWLM version 8.5.2 and below.
FortiWLM version 8.4.2 and below.

Solutions
Upgrade to FortiWLM version 8.6.3 or above.

Acknowledgement
Internally discovered and reported by Mattia Fecit of the Fortinet Product
Security Team.

=========================================================
+ CERT-RENATER        | tel   : 01-53-94-20-44          +
+ 23/25 Rue Daviel    | fax   : 01-53-94-20-41          +
+ 75013 Paris         | email : cert@support.renater.fr +
=========================================================