CVE-2021-32600

CWE-200Information Exposure4 documents4 sources
Severity
3.8LOW
EPSS
0.3%
top 48.40%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Fortinet FortiosFortinet Fortinet Fortios
Timeline
PublishedNov 17
Latest updateMay 24

Description

An exposure of sensitive information to an unauthorized actor vulnerability in FortiOS CLI 7.0.0, 6.4.0 through 6.4.6, 6.2.0 through 6.2.9, 6.0.x and 5.6.x may allow a local and authenticated user assigned to a specific VDOM to retrieve other VDOMs information such as the admin account list and the network interface list.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:NExploitability: 3.1 | Impact: 1.4

Affected Packages2 packages

NVDfortinet/fortios6.2.06.2.10+4
CVEListV5fortinet/fortinet_fortiosFortiOS 7.0.0, 6.4.0 through 6.4.6, 6.2.0 through 6.2.9, 6.0.x, 5.6.x

🔴Vulnerability Details

2
GHSA
GHSA-vcfg-hrf9-fp2h: An exposure of sensitive information to an unauthorized actor vulnerability in FortiOS CLI 72022-05-24
CVEList
CVE-2021-32600: An exposure of sensitive information to an unauthorized actor vulnerability in FortiOS CLI 72021-11-17

📋Vendor Advisories

1
Fortinet
An exposure of sensitive information to an unauthorized actor vulnerability in FortiOS CLI 7.0.0, 6.4.0 through 6.4.6, 6...2021-11-17
CVE-2021-32600 (LOW CVSS 3.8) | An exposure of sensitive informatio | cvebase.io