Vulnerability Details CVE-2021-32584
An improper access control (CWE-284) vulnerability in FortiWLC version 8.6.0, version 8.5.3 and below, version 8.4.8 and below, version 8.3.3 and below, version 8.2.7 to 8.2.4, version 8.1.3 may allow an unauthenticated and remote attacker to access certain areas of the web management CGI functionality by just specifying the correct URL. The vulnerability applies only to limited CGI resources and might allow the unauthorized party to access configuration details.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 19.1%
CVSS Severity
CVSS v3 Score 5.3
Products affected by CVE-2021-32584
-
cpe:2.3:a:fortinet:fortiwlc:8.1.3
-
cpe:2.3:a:fortinet:fortiwlc:8.2-4-0
-
cpe:2.3:a:fortinet:fortiwlc:8.2.4
-
cpe:2.3:a:fortinet:fortiwlc:8.2.6
-
cpe:2.3:a:fortinet:fortiwlc:8.2.7
-
cpe:2.3:a:fortinet:fortiwlc:8.3.0
-
cpe:2.3:a:fortinet:fortiwlc:8.3.1
-
cpe:2.3:a:fortinet:fortiwlc:8.3.2
-
cpe:2.3:a:fortinet:fortiwlc:8.3.3
-
cpe:2.3:a:fortinet:fortiwlc:8.4.0
-
cpe:2.3:a:fortinet:fortiwlc:8.4.1
-
cpe:2.3:a:fortinet:fortiwlc:8.4.2
-
cpe:2.3:a:fortinet:fortiwlc:8.4.3
-
cpe:2.3:a:fortinet:fortiwlc:8.4.4
-
cpe:2.3:a:fortinet:fortiwlc:8.4.5
-
cpe:2.3:a:fortinet:fortiwlc:8.4.6
-
cpe:2.3:a:fortinet:fortiwlc:8.4.7
-
cpe:2.3:a:fortinet:fortiwlc:8.4.8
-
cpe:2.3:a:fortinet:fortiwlc:8.5.0
-
cpe:2.3:a:fortinet:fortiwlc:8.5.1
-
cpe:2.3:a:fortinet:fortiwlc:8.5.2
-
cpe:2.3:a:fortinet:fortiwlc:8.5.3
-
cpe:2.3:a:fortinet:fortiwlc:8.6.0