CVE-2021-32584
Essential information
- Published
- 17/03/2025 14:15
- Modified
- 17/03/2025 14:15
- Author
- —
- Creator
- —
- CVSS
- 5.3 MEDIUM (v3.1)
- CISA KEV
- No
- CWE
- —
- CVSS vector
-
—
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N—
CVSS metrics
- Access vector
- —
- Access complexity
- —
- Authentication
- —
- Confidentiality impact
- —
- Integrity impact
- —
- Availability impact
- —
- Exploitability
- —
- Remediation level
- —
- Report confidence
- —
- Temporal score
- —
- Attack vector
- NETWORK
- Attack complexity
- LOW
- Privileges required
- NONE
- User interaction
- NONE
- Scope
- UNCHANGED
- Confidentiality impact
- LOW
- Integrity impact
- NONE
- Availability impact
- NONE
- Exploit code maturity
- —
- Remediation level
- —
- Report confidence
- —
- Temporal score
- —
- Attack vector
- —
- Attack complexity
- —
- Attack requirements
- —
- Privileges required
- —
- User interaction
- —
- Confidentiality (V)
- —
- Confidentiality (S)
- —
- Integrity (V)
- —
- Integrity (S)
- —
- Availability (V)
- —
- Availability (S)
- —
- Exploit maturity
- —
Description
An improper access control (CWE-284) vulnerability in FortiWLC version 8.6.0, version 8.5.3 and below, version 8.4.8 and below, version 8.3.3 and below, version 8.2.7 to 8.2.4, version 8.1.3 may allow an unauthenticated and remote attacker to access certain areas of the web management CGI functionality by just specifying the correct URL. The vulnerability applies only to limited CGI resources and might allow the unauthorized party to access configuration details.
NVD status
- Status
- Awaiting Analysis — CVE has been marked for Analysis. Normally once in this state the CVE will be analyzed by NVD staff within 24 hours.
- Source
- [email protected]
- NVD
- View on NVD
Affected products (CPE)
| Product | CPE |
|---|---|
| fortinet / fortiwlc | cpe:2.3:a:fortinet:fortiwlc:8.6.0:*:*:*:*:*:*:* |
| fortinet / fortiwlc | cpe:2.3:a:fortinet:fortiwlc:8.5.3:*:*:*:*:*:*:* |
| fortinet / fortiwlc | cpe:2.3:a:fortinet:fortiwlc:8.4.8:*:*:*:*:*:*:* |
| fortinet / fortiwlc | cpe:2.3:a:fortinet:fortiwlc:8.3.3:*:*:*:*:*:*:* |
| fortinet / fortiwlc | cpe:2.3:a:fortinet:fortiwlc:8.2.7:*:*:*:*:*:*:* |
| fortinet / fortiwlc | cpe:2.3:a:fortinet:fortiwlc:8.2.4:*:*:*:*:*:*:* |
| fortinet / fortiwlc | cpe:2.3:a:fortinet:fortiwlc:8.1.3:*:*:*:*:*:*:* |