CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2021-32590

Multiple improper neutralization of special elements used in an SQL command vulnerabilities in FortiPortal 6.0.0 through 6.0.4, 5.3.0 through 5.3.5, 5.2.0 through 5.2.5, and 4.2.2 and earlier may allow an attacker with regular user's privileges to execute arbitrary commands on the underlying SQL database via specifically crafted HTTP requests.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.003

EPSS Ranking 50.1%

CVSS Severity

CVSS v3 Score 9.9

CVSS v2 Score 9.0

References

Products affected by CVE-2021-32590

Fortinet » Fortiportal » Version: 3.2.0

cpe:2.3:a:fortinet:fortiportal:3.2.0
Fortinet » Fortiportal » Version: 3.2.1

cpe:2.3:a:fortinet:fortiportal:3.2.1
Fortinet » Fortiportal » Version: 3.2.2

cpe:2.3:a:fortinet:fortiportal:3.2.2
Fortinet » Fortiportal » Version: 4.0.0

cpe:2.3:a:fortinet:fortiportal:4.0.0
Fortinet » Fortiportal » Version: 4.0.1

cpe:2.3:a:fortinet:fortiportal:4.0.1
Fortinet » Fortiportal » Version: 4.0.2

cpe:2.3:a:fortinet:fortiportal:4.0.2
Fortinet » Fortiportal » Version: 4.0.3

cpe:2.3:a:fortinet:fortiportal:4.0.3
Fortinet » Fortiportal » Version: 4.0.4

cpe:2.3:a:fortinet:fortiportal:4.0.4
Fortinet » Fortiportal » Version: 4.1.0

cpe:2.3:a:fortinet:fortiportal:4.1.0
Fortinet » Fortiportal » Version: 4.1.1

cpe:2.3:a:fortinet:fortiportal:4.1.1
Fortinet » Fortiportal » Version: 4.1.2

cpe:2.3:a:fortinet:fortiportal:4.1.2
Fortinet » Fortiportal » Version: 4.2.0

cpe:2.3:a:fortinet:fortiportal:4.2.0
Fortinet » Fortiportal » Version: 4.2.1

cpe:2.3:a:fortinet:fortiportal:4.2.1
Fortinet » Fortiportal » Version: 4.2.2

cpe:2.3:a:fortinet:fortiportal:4.2.2
Fortinet » Fortiportal » Version: 4.2.3

cpe:2.3:a:fortinet:fortiportal:4.2.3
Fortinet » Fortiportal » Version: 4.2.4

cpe:2.3:a:fortinet:fortiportal:4.2.4
Fortinet » Fortiportal » Version: 5.0.0

cpe:2.3:a:fortinet:fortiportal:5.0.0
Fortinet » Fortiportal » Version: 5.0.1

cpe:2.3:a:fortinet:fortiportal:5.0.1
Fortinet » Fortiportal » Version: 5.0.2

cpe:2.3:a:fortinet:fortiportal:5.0.2
Fortinet » Fortiportal » Version: 5.0.3

cpe:2.3:a:fortinet:fortiportal:5.0.3
Fortinet » Fortiportal » Version: 5.1.0

cpe:2.3:a:fortinet:fortiportal:5.1.0
Fortinet » Fortiportal » Version: 5.1.1

cpe:2.3:a:fortinet:fortiportal:5.1.1
Fortinet » Fortiportal » Version: 5.1.2

cpe:2.3:a:fortinet:fortiportal:5.1.2
Fortinet » Fortiportal » Version: 5.2.0

cpe:2.3:a:fortinet:fortiportal:5.2.0
Fortinet » Fortiportal » Version: 5.2.1

cpe:2.3:a:fortinet:fortiportal:5.2.1
Fortinet » Fortiportal » Version: 5.2.2

cpe:2.3:a:fortinet:fortiportal:5.2.2
Fortinet » Fortiportal » Version: 5.2.3

cpe:2.3:a:fortinet:fortiportal:5.2.3
Fortinet » Fortiportal » Version: 5.2.4

cpe:2.3:a:fortinet:fortiportal:5.2.4
Fortinet » Fortiportal » Version: 5.2.5

cpe:2.3:a:fortinet:fortiportal:5.2.5
Fortinet » Fortiportal » Version: 5.3.0

cpe:2.3:a:fortinet:fortiportal:5.3.0
Fortinet » Fortiportal » Version: 5.3.1

cpe:2.3:a:fortinet:fortiportal:5.3.1
Fortinet » Fortiportal » Version: 5.3.2

cpe:2.3:a:fortinet:fortiportal:5.3.2
Fortinet » Fortiportal » Version: 5.3.3

cpe:2.3:a:fortinet:fortiportal:5.3.3
Fortinet » Fortiportal » Version: 5.3.4

cpe:2.3:a:fortinet:fortiportal:5.3.4
Fortinet » Fortiportal » Version: 5.3.5

cpe:2.3:a:fortinet:fortiportal:5.3.5
Fortinet » Fortiportal » Version: 6.0.0

cpe:2.3:a:fortinet:fortiportal:6.0.0
Fortinet » Fortiportal » Version: 6.0.1

cpe:2.3:a:fortinet:fortiportal:6.0.1
Fortinet » Fortiportal » Version: 6.0.2

cpe:2.3:a:fortinet:fortiportal:6.0.2
Fortinet » Fortiportal » Version: 6.0.3

cpe:2.3:a:fortinet:fortiportal:6.0.3
Fortinet » Fortiportal » Version: 6.0.4

cpe:2.3:a:fortinet:fortiportal:6.0.4

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2021-32590

Products

Pricing

Contact Us