VDB
CVE-2021-32600
CVE-2021-32600
PUBLISHED
CVSS 5 MEDIUM
An exposure of sensitive information to an unauthorized actor vulnerability in FortiOS CLI 7.0.0, 6.4.0 through 6.4.6, 6.2.0 through 6.2.9, 6.0.x and 5.6.x may allow a local and authenticated user assigned to a specific VDOM to retrieve other VDOMs information such as the admin account list and the network interface list.
EPSS 0.28% · 51.9th percentile
Risk Scores
CVSS 3.1
5
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N/E:F/RL:X/RC:X
EPSS Score
0.28%
51.9th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| fortinet | fortios | 5.6.0, 6.0.0, 7.0.0 |
| Fortinet | Fortinet FortiOS | FortiOS 7.0.0, 6.4.0 through 6.4.6, 6.2.0 through 6.2.9, 6.0.x, 5.6.x |
Exploit Intelligence
Timeline
- Nov 17, 2021 CVE Published
- Nov 18, 2021 EPSS Score
- Jan 6, 2022 EPSS Score
- Jan 12, 2022 EPSS Score
- Mar 9, 2022 EPSS Score
- Apr 1, 2022 EPSS Score
- Jun 27, 2022 EPSS Score
- Aug 22, 2022 EPSS Score
- Oct 17, 2022 EPSS Score
- Dec 11, 2022 EPSS Score
- Feb 4, 2023 EPSS Score
- Mar 7, 2023 EPSS Score
References
- https://fortiguard.com/advisory/FG-IR-20-243 url
- https://nvd.nist.gov/vuln/detail/CVE-2021-32600 advisory
- https://www.fortiguard.com/psirt/FG-IR-21-091 advisory
- https://www.fortiguard.com/psirt/FG-IR-21-116 advisory
- https://www.fortiguard.com/psirt/FG-IR-20-189 advisory
- https://www.fortiguard.com/psirt/FG-IR-20-178 advisory
- https://www.fortiguard.com/psirt/FG-IR-20-206 advisory
- https://www.fortiguard.com/psirt/FG-IR-21-068 advisory
- https://www.fortiguard.com/psirt/FG-IR-20-190 advisory
- https://www.fortiguard.com/psirt/FG-IR-21-047 advisory
- https://www.fortiguard.com/psirt/FG-IR-20-241 advisory
- https://www.fortiguard.com/psirt/FG-IR-19-217 advisory
- https://www.fortiguard.com/psirt/FG-IR-20-243 advisory
- https://www.fortiguard.com/psirt/FG-IR-20-070 advisory