{"containers":{"cna":{"affected":[{"product":"Fortinet FortiMail","vendor":"Fortinet","versions":[{"status":"affected","version":"FortiMail before 7.0.1"}]}],"descriptions":[{"lang":"en","value":"An improper input validation vulnerability in the web server CGI facilities of FortiMail before 7.0.1 may allow an unauthenticated attacker to alter the environment of the underlying script interpreter via specifically crafted HTTP requests."}],"metrics":[{"cvssV3_1":{"attackComplexity":"HIGH","attackVector":"NETWORK","availabilityImpact":"LOW","baseScore":7.7,"baseSeverity":"HIGH","confidentialityImpact":"HIGH","exploitCodeMaturity":"PROOF_OF_CONCEPT","integrityImpact":"HIGH","privilegesRequired":"NONE","remediationLevel":"NOT_DEFINED","reportConfidence":"NOT_DEFINED","scope":"UNCHANGED","temporalScore":7.3,"temporalSeverity":"HIGH","userInteraction":"NONE","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:L/E:P/RL:X/RC:X","version":"3.1"}}],"problemTypes":[{"descriptions":[{"description":"Execute unauthorized code or commands","lang":"en","type":"text"}]}],"providerMetadata":{"dateUpdated":"2022-03-01T18:20:10.000Z","orgId":"6abe59d8-c742-4dff-8ce8-9b0ca1073da8","shortName":"fortinet"},"references":[{"tags":["x_refsource_CONFIRM"],"url":"https://fortiguard.com/psirt/FG-IR-21-008"}],"x_legacyV4Record":{"CVE_data_meta":{"ASSIGNER":"psirt@fortinet.com","ID":"CVE-2021-32586","STATE":"PUBLIC"},"affects":{"vendor":{"vendor_data":[{"product":{"product_data":[{"product_name":"Fortinet FortiMail","version":{"version_data":[{"version_value":"FortiMail before 7.0.1"}]}}]},"vendor_name":"Fortinet"}]}},"data_format":"MITRE","data_type":"CVE","data_version":"4.0","description":{"description_data":[{"lang":"eng","value":"An improper input validation vulnerability in the web server CGI facilities of FortiMail before 7.0.1 may allow an unauthenticated attacker to alter the environment of the underlying script interpreter via specifically crafted HTTP requests."}]},"impact":{"cvss":{"attackComplexity":"High","attackVector":"Network","availabilityImpact":"Low","baseScore":7.3,"baseSeverity":"High","confidentialityImpact":"High","integrityImpact":"High","privilegesRequired":"None","scope":"Unchanged","userInteraction":"None","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:L/E:P/RL:X/RC:X","version":"3.1"}},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"Execute unauthorized code or commands"}]}]},"references":{"reference_data":[{"name":"https://fortiguard.com/psirt/FG-IR-21-008","refsource":"CONFIRM","url":"https://fortiguard.com/psirt/FG-IR-21-008"}]}}},"adp":[{"providerMetadata":{"orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE","dateUpdated":"2024-08-03T23:25:30.305Z"},"title":"CVE Program Container","references":[{"tags":["x_refsource_CONFIRM","x_transferred"],"url":"https://fortiguard.com/psirt/FG-IR-21-008"}]},{"metrics":[{"other":{"type":"ssvc","content":{"timestamp":"2024-10-23T14:12:52.549603Z","id":"CVE-2021-32586","options":[{"Exploitation":"none"},{"Automatable":"no"},{"Technical Impact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}}],"title":"CISA ADP Vulnrichment","providerMetadata":{"orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP","dateUpdated":"2024-10-25T13:35:06.205Z"}}]},"cveMetadata":{"assignerOrgId":"6abe59d8-c742-4dff-8ce8-9b0ca1073da8","assignerShortName":"fortinet","cveId":"CVE-2021-32586","datePublished":"2022-03-01T18:20:10.000Z","dateReserved":"2021-05-11T00:00:00.000Z","dateUpdated":"2024-10-25T13:35:06.205Z","state":"PUBLISHED"},"dataType":"CVE_RECORD","dataVersion":"5.1"}