Description
A improper authentication vulnerability in Fortinet FortiSOAR PaaS 7.6.0 through 7.6.3, FortiSOAR PaaS 7.5.0 through 7.5.2, FortiSOAR on-premise 7.6.0 through 7.6.3, FortiSOAR on-premise 7.5.0 through 7.5.2 may allow an unauthenticated attacker to bypass authentication via replaying captured 2FA request. The attack requires being able to intercept and decrypt authentication traffic and precise timing to replay the request before token expiration, which raises the attack complexity.
CVSS breakdown
CVSS 3.1
Attack Vector
Network
Attack Complexity
High
Privileges Required
None
User Interaction
Required
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High
E
Physical
RL
O
RC
Changed
Affected products
- fortinet / fortisoaron-premise7.5.0 – 7.5.0
- fortinet / fortisoaron-premise7.6.3 – 7.6.3
- fortinet / fortisoaron-premise7.6.2 – 7.6.2
- fortinet / fortisoaron-premise7.6.1 – 7.6.1
- fortinet / fortisoaron-premise7.6.0 – 7.6.0
- fortinet / fortisoaron-premise7.5.2 – 7.5.2
- fortinet / fortisoaron-premise7.5.1 – 7.5.1
- fortinet / fortisoarpaas7.6.3 – 7.6.3
- fortinet / fortisoarpaas7.6.2 – 7.6.2
- fortinet / fortisoarpaas7.6.1 – 7.6.1
- fortinet / fortisoarpaas7.6.0 – 7.6.0
- fortinet / fortisoarpaas7.5.2 – 7.5.2
- fortinet / fortisoarpaas7.5.1 – 7.5.1
- fortinet / fortisoarpaas7.5.0 – 7.5.0
References
- VENDOR_ADVISORYhttps://fortiguard.fortinet.com/psirt/FG-IR-26-101