{"containers":{"cna":{"affected":[{"product":"Fortinet FortiNAC","vendor":"Fortinet","versions":[{"status":"affected","version":"FortiNAC 9.2.0, 9.1.3, 9.1.2, 9.1.1, 9.1.0, 8.8.9, 8.8.8, 8.8.7, 8.8.6, 8.8.5, 8.8.4, 8.8.3, 8.8.2, 8.8.1, 8.8.0"}]}],"descriptions":[{"lang":"en","value":"A incorrect permission assignment for critical resource in Fortinet FortiNAC version 9.2.0, version 9.1.3 and below, version 8.8.9 and below allows attacker to gain higher privileges via the access to sensitive system data."}],"metrics":[{"cvssV3_1":{"attackComplexity":"LOW","attackVector":"LOCAL","availabilityImpact":"HIGH","baseScore":7.8,"baseSeverity":"HIGH","confidentialityImpact":"HIGH","exploitCodeMaturity":"FUNCTIONAL","integrityImpact":"HIGH","privilegesRequired":"LOW","remediationLevel":"NOT_DEFINED","reportConfidence":"CONFIRMED","scope":"UNCHANGED","temporalScore":7.6,"temporalSeverity":"HIGH","userInteraction":"NONE","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:F/RL:X/RC:C","version":"3.1"}}],"problemTypes":[{"descriptions":[{"description":"Escalation of privilege","lang":"en","type":"text"}]}],"providerMetadata":{"dateUpdated":"2022-04-22T19:51:15.000Z","orgId":"6abe59d8-c742-4dff-8ce8-9b0ca1073da8","shortName":"fortinet"},"references":[{"tags":["x_refsource_CONFIRM"],"url":"https://fortiguard.com/advisory/FG-IR-21-178"},{"tags":["x_refsource_MISC"],"url":"https://github.com/orangecertcc/security-research/security/advisories/GHSA-8wx4-g5p9-348h"}],"x_legacyV4Record":{"CVE_data_meta":{"ASSIGNER":"psirt@fortinet.com","ID":"CVE-2021-43065","STATE":"PUBLIC"},"affects":{"vendor":{"vendor_data":[{"product":{"product_data":[{"product_name":"Fortinet FortiNAC","version":{"version_data":[{"version_value":"FortiNAC 9.2.0, 9.1.3, 9.1.2, 9.1.1, 9.1.0, 8.8.9, 8.8.8, 8.8.7, 8.8.6, 8.8.5, 8.8.4, 8.8.3, 8.8.2, 8.8.1, 8.8.0"}]}}]},"vendor_name":"Fortinet"}]}},"data_format":"MITRE","data_type":"CVE","data_version":"4.0","description":{"description_data":[{"lang":"eng","value":"A incorrect permission assignment for critical resource in Fortinet FortiNAC version 9.2.0, version 9.1.3 and below, version 8.8.9 and below allows attacker to gain higher privileges via the access to sensitive system data."}]},"impact":{"cvss":{"attackComplexity":"Low","attackVector":"Local","availabilityImpact":"High","baseScore":7.6,"baseSeverity":"High","confidentialityImpact":"High","integrityImpact":"High","privilegesRequired":"Low","scope":"Unchanged","userInteraction":"None","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:F/RL:X/RC:C","version":"3.1"}},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"Escalation of privilege"}]}]},"references":{"reference_data":[{"name":"https://fortiguard.com/advisory/FG-IR-21-178","refsource":"CONFIRM","url":"https://fortiguard.com/advisory/FG-IR-21-178"},{"name":"https://github.com/orangecertcc/security-research/security/advisories/GHSA-8wx4-g5p9-348h","refsource":"MISC","url":"https://github.com/orangecertcc/security-research/security/advisories/GHSA-8wx4-g5p9-348h"}]}}},"adp":[{"providerMetadata":{"orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE","dateUpdated":"2024-08-04T03:47:13.400Z"},"title":"CVE Program Container","references":[{"tags":["x_refsource_CONFIRM","x_transferred"],"url":"https://fortiguard.com/advisory/FG-IR-21-178"},{"tags":["x_refsource_MISC","x_transferred"],"url":"https://github.com/orangecertcc/security-research/security/advisories/GHSA-8wx4-g5p9-348h"}]},{"metrics":[{"other":{"type":"ssvc","content":{"timestamp":"2024-10-23T14:13:03.364281Z","id":"CVE-2021-43065","options":[{"Exploitation":"none"},{"Automatable":"no"},{"Technical Impact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}}],"title":"CISA ADP Vulnrichment","providerMetadata":{"orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP","dateUpdated":"2024-10-25T13:37:33.111Z"}}]},"cveMetadata":{"assignerOrgId":"6abe59d8-c742-4dff-8ce8-9b0ca1073da8","assignerShortName":"fortinet","cveId":"CVE-2021-43065","datePublished":"2021-12-09T09:15:04.000Z","dateReserved":"2021-10-28T00:00:00.000Z","dateUpdated":"2024-10-25T13:37:33.111Z","state":"PUBLISHED"},"dataType":"CVE_RECORD","dataVersion":"5.1"}