Details of VAR-201712-1096

ID

VAR-201712-1096

CVE

CVE-2017-7344

TITLE

Fortinet FortiClient Windows Vulnerabilities related to authorization, permissions, and access control

Trust: 0.8

sources: JVNDB: JVNDB-2017-011497

DESCRIPTION

A privilege escalation in Fortinet FortiClient Windows 5.4.3 and earlier as well as 5.6.0 allows attacker to gain privilege via exploiting the Windows "security alert" dialog thereby popping up when the "VPN before logon" feature is enabled and an untrusted certificate chain. Fortinet FortiClient Windows Contains vulnerabilities related to authorization, permissions, and access control.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Fortinet FortiClient is prone to a privilege-escalation vulnerability. An attacker can exploit this issue to execute arbitrary code with elevated privileges. The following products are vulnerable: FortiClient Windows 5.6.0 FortiClient Windows 5.4.3 and prior. Fortinet FortiClient WindowsFortinet FortiClient for Windows is a set of mobile terminal security solutions based on the Windows platform from Fortinet. The solution provides IPsec and SSL encryption, WAN optimization, endpoint compliance, and two-factor authentication when connected to FortiGate firewall appliances. An escalation of privilege vulnerability exists in Fortinet FortiClient Windows 5.4.3 and earlier versions and 5.6.0

Trust: 2.07

sources: NVD: CVE-2017-7344 // JVNDB: JVNDB-2017-011497 // BID: 102176 // VULHUB: VHN-115547 // VULMON: CVE-2017-7344

AFFECTED PRODUCTS

vendor:	fortinet	model:	forticlient	scope:	eq	version:	5.6.0	Trust: 1.6
vendor:	fortinet	model:	forticlient	scope:	lte	version:	5.4.3	Trust: 1.0
vendor:	fortinet	model:	forticlient	scope:	eq	version:	5.4.3	Trust: 0.9
vendor:	fortinet	model:	forticlient	scope:	lte	version:	windows 5.4.3	Trust: 0.8
vendor:	fortinet	model:	forticlient	scope:	eq	version:	windows 5.6.0	Trust: 0.8
vendor:	fortinet	model:	forticlient	scope:	eq	version:	5.6	Trust: 0.3
vendor:	fortinet	model:	forticlient	scope:	eq	version:	5.4.2	Trust: 0.3
vendor:	fortinet	model:	forticlient	scope:	eq	version:	5.4.1	Trust: 0.3
vendor:	fortinet	model:	forticlient	scope:	eq	version:	5.4	Trust: 0.3
vendor:	fortinet	model:	forticlient	scope:	ne	version:	5.6.1	Trust: 0.3
vendor:	fortinet	model:	forticlient	scope:	ne	version:	5.4.4	Trust: 0.3

sources: BID: 102176 // JVNDB: JVNDB-2017-011497 // NVD: CVE-2017-7344 // CNNVD: CNNVD-201703-1370

CVSS

SEVERITY

CVSSV2

CVSSV3

NVD:	CVE-2017-7344
value:	HIGH
Trust: 1.8
CNNVD:	CNNVD-201703-1370
value:	HIGH
Trust: 0.6
VULHUB:	VHN-115547
value:	HIGH
Trust: 0.1
VULMON:	CVE-2017-7344
value:	HIGH
Trust: 0.1

NVD:
severity:	HIGH
baseScore:	7.6
vectorString:	AV:N/AC:H/AU:N/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	HIGH
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	4.9
impactScore:	10.0
acInsufInfo:	FALSE
obtainAllPrivilege:	FALSE
obtainUserPrivilege:	FALSE
obtainOtherPrivilege:	FALSE
userInteractionRequired:	FALSE
version:	2.0
Trust: 1.0
NVD:	CVE-2017-7344
severity:	HIGH
baseScore:	7.6
vectorString:	AV:N/AC:H/AU:N/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	HIGH
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	NONE
impactScore:	NONE
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.9
VULHUB:	VHN-115547
severity:	HIGH
baseScore:	7.6
vectorString:	AV:N/AC:H/AU:N/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	HIGH
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	4.9
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

NVD:
baseSeverity:	HIGH
baseScore:	8.1
vectorString:	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector:	NETWORK
attackComplexity:	HIGH
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	2.2
impactScore:	5.9
version:	3.0
Trust: 1.0
NVD:	CVE-2017-7344
baseSeverity:	HIGH
baseScore:	8.1
vectorString:	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector:	NETWORK
attackComplexity:	HIGH
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8

sources: VULHUB: VHN-115547 // VULMON: CVE-2017-7344 // JVNDB: JVNDB-2017-011497 // NVD: CVE-2017-7344 // CNNVD: CNNVD-201703-1370

PROBLEMTYPE DATA

problemtype:	NVD-CWE-noinfo	Trust: 1.0
problemtype:	CWE-264	Trust: 0.9

sources: VULHUB: VHN-115547 // JVNDB: JVNDB-2017-011497 // NVD: CVE-2017-7344

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201703-1370

TYPE

permissions and access control issues

Trust: 0.6

sources: CNNVD: CNNVD-201703-1370

CONFIGURATIONS

sources: NVD: CVE-2017-7344

PATCH

title:	FG-IR-17-070	url:	https://fortiguard.com/psirt/fg-ir-17-070	Trust: 0.8
title:	Fortinet FortiClient Windows Fixes for permission permissions and access control vulnerabilities	url:	http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=99698	Trust: 0.6
title:	Awesome CVE PoC	url:	https://github.com/lnick2023/nicenice	Trust: 0.1
title:	Awesome CVE PoC	url:	https://github.com/xbl3/awesome-cve-poc_qazbnm456	Trust: 0.1
title:	Awesome CVE PoC	url:	https://github.com/qazbnm456/awesome-cve-poc	Trust: 0.1

sources: VULMON: CVE-2017-7344 // JVNDB: JVNDB-2017-011497 // CNNVD: CNNVD-201703-1370

EXTERNAL IDS

db:	NVD	id:	CVE-2017-7344	Trust: 2.9
db:	BID	id:	102176	Trust: 2.1
db:	JVNDB	id:	JVNDB-2017-011497	Trust: 0.8
db:	CNNVD	id:	CNNVD-201703-1370	Trust: 0.7
db:	PACKETSTORM	id:	145611	Trust: 0.1
db:	VULHUB	id:	VHN-115547	Trust: 0.1
db:	VULMON	id:	CVE-2017-7344	Trust: 0.1

sources: VULHUB: VHN-115547 // VULMON: CVE-2017-7344 // BID: 102176 // JVNDB: JVNDB-2017-011497 // NVD: CVE-2017-7344 // CNNVD: CNNVD-201703-1370

REFERENCES

url:	http://www.securityfocus.com/bid/102176	Trust: 1.9
url:	https://fortiguard.com/advisory/fg-ir-17-070	Trust: 1.8
url:	https://securite.intrinsec.com/2017/12/22/cve-2017-7344-fortinet-forticlient-windows-privilege-escalation-at-logon/	Trust: 1.8
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-7344	Trust: 0.8
url:	https://nvd.nist.gov/vuln/detail/cve-2017-7344	Trust: 0.8
url:	http://www.fortinet.com/	Trust: 0.3
url:	https://fortiguard.com/psirt/fg-ir-17-070	Trust: 0.3
url:	https://cwe.mitre.org/data/definitions/.html	Trust: 0.1
url:	https://nvd.nist.gov	Trust: 0.1
url:	https://github.com/lnick2023/nicenice	Trust: 0.1
url:	https://github.com/qazbnm456/awesome-cve-poc	Trust: 0.1

sources: VULHUB: VHN-115547 // VULMON: CVE-2017-7344 // BID: 102176 // JVNDB: JVNDB-2017-011497 // NVD: CVE-2017-7344 // CNNVD: CNNVD-201703-1370

CREDITS

Clement NOTIN of INTRINSEC.

Trust: 0.3

sources: BID: 102176

SOURCES

db:	VULHUB	id:	VHN-115547
db:	VULMON	id:	CVE-2017-7344
db:	BID	id:	102176
db:	JVNDB	id:	JVNDB-2017-011497
db:	NVD	id:	CVE-2017-7344
db:	CNNVD	id:	CNNVD-201703-1370

LAST UPDATE DATE

2023-12-26T23:14:56.817000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-115547	date:	2019-10-03T00:00:00
db:	VULMON	id:	CVE-2017-7344	date:	2019-10-03T00:00:00
db:	BID	id:	102176	date:	2017-12-19T22:38:00
db:	JVNDB	id:	JVNDB-2017-011497	date:	2018-01-17T00:00:00
db:	NVD	id:	CVE-2017-7344	date:	2019-10-03T00:03:26.223
db:	CNNVD	id:	CNNVD-201703-1370	date:	2019-10-23T00:00:00

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-115547	date:	2017-12-14T00:00:00
db:	VULMON	id:	CVE-2017-7344	date:	2017-12-14T00:00:00
db:	BID	id:	102176	date:	2017-12-12T00:00:00
db:	JVNDB	id:	JVNDB-2017-011497	date:	2018-01-17T00:00:00
db:	NVD	id:	CVE-2017-7344	date:	2017-12-14T18:29:00.210
db:	CNNVD	id:	CNNVD-201703-1370	date:	2017-03-31T00:00:00