CVE-2021-43204

A improper control of a resource through its lifetime in Fortinet FortiClientWindows version 6.4.1 and 6.4.0, version 6.2.9 and below, version 6.0.10 and below allows attacker to cause a complete denial of service of its components via changes of directory access permissions.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
4.4 MEDIUM
LOCAL
LOW
HIGH
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
fortinetCNA
4.4 MEDIUM
LOCAL
LOW
HIGH
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H/E:F/RL:O/RC:C
CVEADP
---
---
CISA-ADPADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 21%
VendorProductVersion
fortinetforticlient
5.0.0 ≤
𝑥
≤ 5.0.11
fortinetforticlient
5.4.0 ≤
𝑥
≤ 5.4.5
fortinetforticlient
5.6.0 ≤
𝑥
≤ 5.6.6
fortinetforticlient
6.0.0 ≤
𝑥
≤ 6.0.10
fortinetforticlient
6.2.0 ≤
𝑥
≤ 6.2.9
fortinetforticlient
4.0.1
fortinetforticlient
4.0.2
fortinetforticlient
4.0.3
fortinetforticlient
4.0.4
fortinetforticlient
4.1.0
fortinetforticlient
4.1.1
fortinetforticlient
4.1.2
fortinetforticlient
4.1.3
fortinetforticlient
4.2.0
fortinetforticlient
4.2.1
fortinetforticlient
4.2.2
fortinetforticlient
4.2.3
fortinetforticlient
4.2.4
fortinetforticlient
4.2.5
fortinetforticlient
4.2.6
fortinetforticlient
4.2.7
fortinetforticlient
4.3.0
fortinetforticlient
4.3.1
fortinetforticlient
4.3.2
fortinetforticlient
4.3.3
fortinetforticlient
4.3.4
fortinetforticlient
4.3.5
fortinetforticlient
5.2.0
fortinetforticlient
5.2.1
fortinetforticlient
5.2.2
fortinetforticlient
5.2.3
fortinetforticlient
5.2.4
fortinetforticlient
5.2.5
fortinetforticlient
5.2.6
fortinetforticlient
6.4.0
fortinetforticlient
6.4.1
𝑥
= Vulnerable software versions
References
https://fortiguard.com/advisory/FG-IR-21-167
https://fortiguard.com/advisory/FG-IR-21-167