{"containers":{"cna":{"affected":[{"product":"Fortinet FortiSandbox","vendor":"Fortinet","versions":[{"status":"affected","version":"FortiSandbox before 3.2.2"}]}],"descriptions":[{"lang":"en","value":"An instance of improper neutralization of special elements in the sniffer module of FortiSandbox before 3.2.2 may allow an authenticated administrator to execute commands on the underlying system's shell via altering the content of its configuration file."}],"metrics":[{"cvssV3_1":{"attackComplexity":"LOW","attackVector":"ADJACENT_NETWORK","availabilityImpact":"LOW","baseScore":6.3,"baseSeverity":"MEDIUM","confidentialityImpact":"NONE","integrityImpact":"HIGH","privilegesRequired":"LOW","scope":"UNCHANGED","userInteraction":"NONE","vectorString":"CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:L","version":"3.1"}}],"problemTypes":[{"descriptions":[{"description":"Execute unauthorized code or commands","lang":"en","type":"text"}]}],"providerMetadata":{"dateUpdated":"2021-07-20T10:28:15.000Z","orgId":"6abe59d8-c742-4dff-8ce8-9b0ca1073da8","shortName":"fortinet"},"references":[{"tags":["x_refsource_CONFIRM"],"url":"https://fortiguard.com/advisory/FG-IR-21-005"}],"x_legacyV4Record":{"CVE_data_meta":{"ASSIGNER":"psirt@fortinet.com","ID":"CVE-2021-22125","STATE":"PUBLIC"},"affects":{"vendor":{"vendor_data":[{"product":{"product_data":[{"product_name":"Fortinet FortiSandbox","version":{"version_data":[{"version_value":"FortiSandbox before 3.2.2"}]}}]},"vendor_name":"Fortinet"}]}},"data_format":"MITRE","data_type":"CVE","data_version":"4.0","description":{"description_data":[{"lang":"eng","value":"An instance of improper neutralization of special elements in the sniffer module of FortiSandbox before 3.2.2 may allow an authenticated administrator to execute commands on the underlying system's shell via altering the content of its configuration file."}]},"impact":{"cvss":{"attackComplexity":"Low","attackVector":"Adjacent","availabilityImpact":"Low","baseScore":6.2,"baseSeverity":"Medium","confidentialityImpact":"None","integrityImpact":"High","privilegesRequired":"Low","scope":"Unchanged","userInteraction":"None","vectorString":"CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:L","version":"3.1"}},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"Execute unauthorized code or commands"}]}]},"references":{"reference_data":[{"name":"https://fortiguard.com/advisory/FG-IR-21-005","refsource":"CONFIRM","url":"https://fortiguard.com/advisory/FG-IR-21-005"}]}}},"adp":[{"providerMetadata":{"orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE","dateUpdated":"2024-08-03T18:30:24.068Z"},"title":"CVE Program Container","references":[{"tags":["x_refsource_CONFIRM","x_transferred"],"url":"https://fortiguard.com/advisory/FG-IR-21-005"}]},{"metrics":[{"other":{"type":"ssvc","content":{"timestamp":"2024-10-23T13:58:38.254063Z","id":"CVE-2021-22125","options":[{"Exploitation":"none"},{"Automatable":"no"},{"Technical Impact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}}],"title":"CISA ADP Vulnrichment","providerMetadata":{"orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP","dateUpdated":"2024-10-25T13:55:01.159Z"}}]},"cveMetadata":{"assignerOrgId":"6abe59d8-c742-4dff-8ce8-9b0ca1073da8","assignerShortName":"fortinet","cveId":"CVE-2021-22125","datePublished":"2021-07-20T10:28:15.000Z","dateReserved":"2021-01-04T00:00:00.000Z","dateUpdated":"2024-10-25T13:55:01.159Z","state":"PUBLISHED"},"dataType":"CVE_RECORD","dataVersion":"5.1"}