What is CVE-2021-32586?

CVE-2021-32586 is a high-severity vulnerability in Fortinet Fortimail. CVSS score: 7.7/10. Published 2022-03-01.

How severe is CVE-2021-32586?

High severity. CVSS v3 base score is 7.7 out of 10.

Vulnerability in Fortinet Fortimail

CVE-2021-32586

An improper input validation vulnerability in the web server CGI facilities of FortiMail before 7.0.1 may allow an unauthenticated attacker to alter the environment of the underlying script interpreter via specifically crafted HTTP request…

EPSS: 0.004 (63.4th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 7.7 (High). Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:L/E:P/RL:X/RC:X.

Affected products

Fortinet Fortimail — versions FortiMail before 7.0.1

References

fortiguard.com/psirt/FG-IR-21-008 (x_refsource_CONFIRM)

Frequently asked questions

What is CVE-2021-32586?: CVE-2021-32586 is a high-severity vulnerability in Fortinet Fortimail. CVSS score: 7.7/10. Published 2022-03-01.
How severe is CVE-2021-32586?: High severity. CVSS v3 base score is 7.7 out of 10.