CVE-2021-27215

high-risk
Published 2021-03-03

An issue was discovered in genua genugate before 9.0 Z p19, 9.1.x through 9.6.x before 9.6 p7, and 10.x before 10.1 p4. The Web Interfaces (Admin, Userweb, Sidechannel) can use different methods to perform the authentication of a user. A specific authentication method during login does not check the provided data (when a certain manipulation occurs) and returns OK for any authentication request. This allows an attacker to login to the admin panel as a user of his choice, e.g., the root user (with highest privileges) or even a non-existing user.

Do I need to act?

-
0.71% chance of exploitation
EPSS score — low exploit probability
-
Not on CISA KEV list
No confirmed active exploitation reported to CISA
?
Patch status unknown
Check vendor advisories for fix availability and mitigation guidance
9
CVSS 9.8/10 Critical
NETWORK / LOW complexity

Affected Products (20)

Genuagate
Genuagate
Genuagate
Genuagate
Genuagate
Genuagate
Genuagate
Genuagate
Genuagate
Genuagate
Genuagate
Genuagate
Genuagate
Genuagate
Genuagate
Genuagate
Genuagate
Genuagate
Genuagate
Genuagate

Affected Vendors

Genua

References (6)

Patch https://kunde.genua.de/en/overview/genugate.html
Exploit https://sec-consult.com/vulnerability-lab/advisory/authentication-bypass-genua-g...
Product https://www.genua.de/en/it-security-solutions/high-resistance-firewall-genugate
Patch https://kunde.genua.de/en/overview/genugate.html
Exploit https://sec-consult.com/vulnerability-lab/advisory/authentication-bypass-genua-g...
Product https://www.genua.de/en/it-security-solutions/high-resistance-firewall-genugate
57
/ 100
high-risk
Severity 32/34 · Critical
Exploitability 2/34 · Minimal
Exposure 23/34 · High