CVE-2021-32586
published 2022-03-01CVE-2021-32586: An improper input validation vulnerability in the web server CGI facilities of FortiMail before 7.0.1 may allow an unauthenticated attacker to alter the…
critical9.8CVSS 3.1
AVNACLPRNUINSUCHIHAH
An improper input validation vulnerability in the web server CGI facilities of FortiMail before 7.0.1 may allow an unauthenticated attacker to alter the environment of the underlying script interpreter via specifically crafted HTTP requests.
Affected
7 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| fortinet | fortimail | <= 5.4.12 | — |
| fortinet | fortimail | — | — |
| fortinet | fortimail | — | — |
| fortinet | fortimail | >= 6.0.0 < 6.0.12 | 6.0.12 |
| fortinet | fortimail | >= 6.2.0 < 6.2.8 | 6.2.8 |
| fortinet | fortimail | >= 6.4.0 < 6.4.6 | 6.4.6 |
| fortinet | fortinet_fortimail | — | — |