What is CVE-2021-32589?

CVE-2021-32589 is a high-severity vulnerability in Fortinet Fortianalyzer, classified under Use After Free. CVSS score: 7.7/10. Published 2024-12-19.

How severe is CVE-2021-32589?

High severity. CVSS v3 base score is 7.7 out of 10.

Is CVE-2021-32589 known to be exploited?

1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Use After Free in Fortinet Fortianalyzer

CVE-2021-32589

A Use After Free (CWE-416) vulnerability in FortiManager version 7.0.0, version 6.4.5 and below, version 6.2.7 and below, version 6.0.10 and below, version 5.6.10 and below, version 5.4.7 and below, version 5.2.10 and below, version 5.0.12…

Vulnerability class: Use-After-Free

EPSS: 0.087 (92.6th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 7.7 (High). Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:F/RL:W/RC:C.

Affected products

Fortinet Fortianalyzer — versions 7.0.0, 6.4.0, 6.2.0
Fortinet Fortimanager — versions 7.0.0, 6.4.0, 6.2.0

Weakness classification (CWE)

CWE-416 — Use After Free

Public proof-of-concept exploits

fkie-cad/nvd-json-data-feeds

References

https://fortiguard.fortinet.com/psirt/FG-IR-21-067

Frequently asked questions

What is CVE-2021-32589?: CVE-2021-32589 is a high-severity vulnerability in Fortinet Fortianalyzer, classified under Use After Free. CVSS score: 7.7/10. Published 2024-12-19.
How severe is CVE-2021-32589?: High severity. CVSS v3 base score is 7.7 out of 10.
Is CVE-2021-32589 known to be exploited?: 1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.