Action not permitted
Modal body text goes here.
Modal Title
Modal Body
GHSA-XFCH-762X-Q3V9
Vulnerability from github – Published: 2022-02-08 00:00 – Updated: 2026-01-13 18:31
VLAI
Details
Multiple stack-based buffer overflows in the command line interpreter of FortiWeb before 6.4.2 may allow an authenticated attacker to achieve arbitrary code execution via specially crafted commands.
Severity
7.2 (High)
{
"affected": [],
"aliases": [
"CVE-2021-36193"
],
"database_specific": {
"cwe_ids": [
"CWE-121",
"CWE-787"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2022-02-02T12:15:00Z",
"severity": "HIGH"
},
"details": "Multiple stack-based buffer overflows in the command line interpreter of FortiWeb before 6.4.2 may allow an authenticated attacker to achieve arbitrary code execution via specially crafted commands.",
"id": "GHSA-xfch-762x-q3v9",
"modified": "2026-01-13T18:31:01Z",
"published": "2022-02-08T00:00:41Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-36193"
},
{
"type": "WEB",
"url": "https://fortiguard.com/advisory/FG-IR-21-132"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
CVE-2021-36193 (GCVE-0-2021-36193)
Vulnerability from cvelistv5 – Published: 2022-02-02 11:19 – Updated: 2026-01-13 16:32
VLAI
EPSS
Summary
Multiple stack-based buffer overflows in the command line interpreter of FortiWeb before 6.4.2 may allow an authenticated attacker to achieve arbitrary code execution via specially crafted commands.
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-121 - Execute unauthorized code or commands
Assigner
References
1 reference
Impacted products
10 products
| Vendor | Product | Version | |
|---|---|---|---|
| Fortinet | FortiFone |
Affected:
3.0.0 , ≤ 3.0.11
(semver)
|
|
| Fortinet | FortiADC |
Affected:
7.0.0
Affected: 6.2.0 , ≤ 6.2.2 (semver) Affected: 6.1.0 , ≤ 6.1.6 (semver) Affected: 6.0.0 , ≤ 6.0.4 (semver) Affected: 5.4.0 , ≤ 5.4.5 (semver) Affected: 5.3.0 , ≤ 5.3.7 (semver) Affected: 5.2.0 , ≤ 5.2.8 (semver) Affected: 5.1.0 , ≤ 5.1.7 (semver) Affected: 5.0.0 , ≤ 5.0.4 (semver) cpe:2.3:h:fortinet:fortiadc:7.0.0:*:*:*:*:*:*:* cpe:2.3:h:fortinet:fortiadc:6.2.2:*:*:*:*:*:*:* cpe:2.3:h:fortinet:fortiadc:6.2.1:*:*:*:*:*:*:* cpe:2.3:h:fortinet:fortiadc:6.2.0:*:*:*:*:*:*:* cpe:2.3:h:fortinet:fortiadc:6.1.6:*:*:*:*:*:*:* cpe:2.3:h:fortinet:fortiadc:6.1.5:*:*:*:*:*:*:* cpe:2.3:h:fortinet:fortiadc:6.1.4:*:*:*:*:*:*:* cpe:2.3:h:fortinet:fortiadc:6.1.3:*:*:*:*:*:*:* cpe:2.3:h:fortinet:fortiadc:6.1.2:*:*:*:*:*:*:* cpe:2.3:h:fortinet:fortiadc:6.1.1:*:*:*:*:*:*:* cpe:2.3:h:fortinet:fortiadc:6.1.0:*:*:*:*:*:*:* cpe:2.3:h:fortinet:fortiadc:6.0.4:*:*:*:*:*:*:* cpe:2.3:h:fortinet:fortiadc:6.0.3:*:*:*:*:*:*:* cpe:2.3:h:fortinet:fortiadc:6.0.2:*:*:*:*:*:*:* cpe:2.3:h:fortinet:fortiadc:6.0.1:*:*:*:*:*:*:* cpe:2.3:h:fortinet:fortiadc:6.0.0:*:*:*:*:*:*:* cpe:2.3:h:fortinet:fortiadc:5.4.5:*:*:*:*:*:*:* cpe:2.3:h:fortinet:fortiadc:5.4.4:*:*:*:*:*:*:* cpe:2.3:h:fortinet:fortiadc:5.4.3:*:*:*:*:*:*:* cpe:2.3:h:fortinet:fortiadc:5.4.2:*:*:*:*:*:*:* cpe:2.3:h:fortinet:fortiadc:5.4.1:*:*:*:*:*:*:* cpe:2.3:h:fortinet:fortiadc:5.4.0:*:*:*:*:*:*:* cpe:2.3:h:fortinet:fortiadc:5.3.7:*:*:*:*:*:*:* cpe:2.3:h:fortinet:fortiadc:5.3.6:*:*:*:*:*:*:* cpe:2.3:h:fortinet:fortiadc:5.3.5:*:*:*:*:*:*:* cpe:2.3:h:fortinet:fortiadc:5.3.4:*:*:*:*:*:*:* cpe:2.3:h:fortinet:fortiadc:5.3.3:*:*:*:*:*:*:* cpe:2.3:h:fortinet:fortiadc:5.3.2:*:*:*:*:*:*:* cpe:2.3:h:fortinet:fortiadc:5.3.1:*:*:*:*:*:*:* cpe:2.3:h:fortinet:fortiadc:5.3.0:*:*:*:*:*:*:* cpe:2.3:h:fortinet:fortiadc:5.2.8:*:*:*:*:*:*:* cpe:2.3:h:fortinet:fortiadc:5.2.7:*:*:*:*:*:*:* cpe:2.3:h:fortinet:fortiadc:5.2.6:*:*:*:*:*:*:* cpe:2.3:h:fortinet:fortiadc:5.2.5:*:*:*:*:*:*:* cpe:2.3:h:fortinet:fortiadc:5.2.4:*:*:*:*:*:*:* cpe:2.3:h:fortinet:fortiadc:5.2.3:*:*:*:*:*:*:* cpe:2.3:h:fortinet:fortiadc:5.2.2:*:*:*:*:*:*:* cpe:2.3:h:fortinet:fortiadc:5.2.1:*:*:*:*:*:*:* cpe:2.3:h:fortinet:fortiadc:5.2.0:*:*:*:*:*:*:* cpe:2.3:h:fortinet:fortiadc:5.1.7:*:*:*:*:*:*:* cpe:2.3:h:fortinet:fortiadc:5.1.6:*:*:*:*:*:*:* cpe:2.3:h:fortinet:fortiadc:5.1.5:*:*:*:*:*:*:* cpe:2.3:h:fortinet:fortiadc:5.1.4:*:*:*:*:*:*:* cpe:2.3:h:fortinet:fortiadc:5.1.3:*:*:*:*:*:*:* cpe:2.3:h:fortinet:fortiadc:5.1.2:*:*:*:*:*:*:* cpe:2.3:h:fortinet:fortiadc:5.1.1:*:*:*:*:*:*:* cpe:2.3:h:fortinet:fortiadc:5.1.0:*:*:*:*:*:*:* cpe:2.3:h:fortinet:fortiadc:5.0.4:*:*:*:*:*:*:* cpe:2.3:h:fortinet:fortiadc:5.0.3:*:*:*:*:*:*:* cpe:2.3:h:fortinet:fortiadc:5.0.2:*:*:*:*:*:*:* cpe:2.3:h:fortinet:fortiadc:5.0.1:*:*:*:*:*:*:* cpe:2.3:h:fortinet:fortiadc:5.0.0:*:*:*:*:*:*:* |
|
| Fortinet | FortiMail |
Affected:
7.0.0 , ≤ 7.0.2
(semver)
Affected: 6.4.0 , ≤ 6.4.6 (semver) Affected: 6.2.0 , ≤ 6.2.8 (semver) Affected: 6.0.0 , ≤ 6.0.12 (semver) Affected: 5.4.0 , ≤ 5.4.12 (semver) cpe:2.3:a:fortinet:fortimail:7.0.2:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortimail:7.0.1:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortimail:7.0.0:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortimail:6.4.6:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortimail:6.4.5:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortimail:6.4.4:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortimail:6.4.3:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortimail:6.4.2:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortimail:6.4.1:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortimail:6.4.0:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortimail:6.2.8:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortimail:6.2.7:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortimail:6.2.6:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortimail:6.2.5:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortimail:6.2.4:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortimail:6.2.3:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortimail:6.2.2:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortimail:6.2.1:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortimail:6.2.0:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortimail:6.0.12:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortimail:6.0.11:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortimail:6.0.10:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortimail:6.0.9:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortimail:6.0.8:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortimail:6.0.7:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortimail:6.0.6:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortimail:6.0.5:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortimail:6.0.4:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortimail:6.0.3:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortimail:6.0.2:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortimail:6.0.1:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortimail:6.0.0:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortimail:5.4.12:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortimail:5.4.11:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortimail:5.4.10:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortimail:5.4.9:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortimail:5.4.8:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortimail:5.4.7:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortimail:5.4.6:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortimail:5.4.5:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortimail:5.4.4:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortimail:5.4.3:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortimail:5.4.2:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortimail:5.4.1:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortimail:5.4.0:*:*:*:*:*:*:* |
|
| Fortinet | FortiDDoS |
Affected:
5.7.0
Affected: 5.6.0 , ≤ 5.6.1 (semver) Affected: 5.5.0 , ≤ 5.5.1 (semver) Affected: 5.4.0 , ≤ 5.4.3 (semver) Affected: 5.3.0 , ≤ 5.3.2 (semver) Affected: 5.2.0 Affected: 5.1.0 Affected: 5.0.0 Affected: 4.7.0 Affected: 4.6.0 Affected: 4.5.0 Affected: 4.4.0 , ≤ 4.4.2 (semver) cpe:2.3:o:fortinet:fortiddos:5.7.0:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortiddos:5.6.1:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortiddos:5.6.0:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortiddos:5.5.1:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortiddos:5.5.0:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortiddos:5.4.3:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortiddos:5.4.2:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortiddos:5.4.1:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortiddos:5.4.0:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortiddos:5.3.2:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortiddos:5.3.1:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortiddos:5.3.0:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortiddos:5.2.0:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortiddos:5.1.0:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortiddos:5.0.0:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortiddos:4.7.0:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortiddos:4.6.0:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortiddos:4.5.0:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortiddos:4.4.2:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortiddos:4.4.1:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortiddos:4.4.0:*:*:*:*:*:*:* |
|
| Fortinet | FortiDDoS-F |
Affected:
6.3.0
Affected: 6.2.0 , ≤ 6.2.2 (semver) Affected: 6.1.0 , ≤ 6.1.4 (semver) cpe:2.3:o:fortinet:fortiddos-f:6.3.0:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortiddos-f:6.2.2:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortiddos-f:6.2.1:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortiddos-f:6.2.0:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortiddos-f:6.1.4:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortiddos-f:6.1.3:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortiddos-f:6.1.2:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortiddos-f:6.1.1:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortiddos-f:6.1.0:*:*:*:*:*:*:* |
|
| Fortinet | FortiVoice |
Affected:
6.4.0 , ≤ 6.4.4
(semver)
Affected: 6.0.0 , ≤ 6.0.10 (semver) cpe:2.3:a:fortinet:fortivoice:6.4.4:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortivoice:6.4.3:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortivoice:6.4.2:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortivoice:6.4.1:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortivoice:6.4.0:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortivoice:6.0.10:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortivoice:6.0.9:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortivoice:6.0.8:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortivoice:6.0.7:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortivoice:6.0.6:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortivoice:6.0.5:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortivoice:6.0.4:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortivoice:6.0.3:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortivoice:6.0.2:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortivoice:6.0.1:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortivoice:6.0.0:*:*:*:*:*:*:* |
|
| Fortinet | FortiDDoS-CM |
Affected:
5.5.0 , ≤ 5.5.1
(semver)
Affected: 5.4.0 , ≤ 5.4.3 (semver) Affected: 5.3.0 , ≤ 5.3.1 (semver) Affected: 5.2.0 Affected: 5.1.0 Affected: 5.0.0 Affected: 4.7.0 |
|
| Fortinet | FortiWeb |
Affected:
6.4.0 , ≤ 6.4.1
(semver)
Affected: 6.3.0 , ≤ 6.3.15 (semver) cpe:2.3:a:fortinet:fortiweb:6.4.1:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiweb:6.4.0:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiweb:6.3.15:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiweb:6.3.14:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiweb:6.3.13:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiweb:6.3.12:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiweb:6.3.11:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiweb:6.3.10:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiweb:6.3.9:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiweb:6.3.8:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiweb:6.3.7:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiweb:6.3.6:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiweb:6.3.5:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiweb:6.3.4:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiweb:6.3.3:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiweb:6.3.2:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiweb:6.3.1:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiweb:6.3.0:*:*:*:*:*:*:* |
|
| Fortinet | FortiRecorder |
Affected:
6.4.0 , ≤ 6.4.2
(semver)
Affected: 6.0.0 , ≤ 6.0.10 (semver) Affected: 2.7.0 , ≤ 2.7.7 (semver) Affected: 2.6.0 , ≤ 2.6.3 (semver) cpe:2.3:a:fortinet:fortirecorder:6.4.2:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortirecorder:6.4.1:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortirecorder:6.4.0:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortirecorder:6.0.10:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortirecorder:6.0.9:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortirecorder:6.0.8:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortirecorder:6.0.7:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortirecorder:6.0.6:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortirecorder:6.0.5:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortirecorder:6.0.4:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortirecorder:6.0.3:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortirecorder:6.0.2:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortirecorder:6.0.1:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortirecorder:6.0.0:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortirecorder:2.7.7:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortirecorder:2.7.6:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortirecorder:2.7.5:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortirecorder:2.7.4:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortirecorder:2.7.3:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortirecorder:2.7.2:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortirecorder:2.7.1:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortirecorder:2.7.0:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortirecorder:2.6.3:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortirecorder:2.6.2:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortirecorder:2.6.1:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortirecorder:2.6.0:*:*:*:*:*:*:* |
|
| Fortinet | FortiNDR |
Affected:
1.5.0 , ≤ 1.5.3
(semver)
Affected: 1.4.0 Affected: 1.3.0 , ≤ 1.3.1 (semver) Affected: 1.2.0 Affected: 1.1.0 cpe:2.3:a:fortinet:fortindr:1.5.3:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortindr:1.5.2:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortindr:1.5.1:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortindr:1.5.0:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortindr:1.4.0:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortindr:1.3.1:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortindr:1.3.0:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortindr:1.2.0:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortindr:1.1.0:*:*:*:*:*:*:* |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T00:54:50.136Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://fortiguard.com/advisory/FG-IR-21-132"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2021-36193",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-23T14:12:56.216120Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-25T13:35:45.778Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [],
"defaultStatus": "unaffected",
"product": "FortiFone",
"vendor": "Fortinet",
"versions": [
{
"lessThanOrEqual": "3.0.11",
"status": "affected",
"version": "3.0.0",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:h:fortinet:fortiadc:7.0.0:*:*:*:*:*:*:*",
"cpe:2.3:h:fortinet:fortiadc:6.2.2:*:*:*:*:*:*:*",
"cpe:2.3:h:fortinet:fortiadc:6.2.1:*:*:*:*:*:*:*",
"cpe:2.3:h:fortinet:fortiadc:6.2.0:*:*:*:*:*:*:*",
"cpe:2.3:h:fortinet:fortiadc:6.1.6:*:*:*:*:*:*:*",
"cpe:2.3:h:fortinet:fortiadc:6.1.5:*:*:*:*:*:*:*",
"cpe:2.3:h:fortinet:fortiadc:6.1.4:*:*:*:*:*:*:*",
"cpe:2.3:h:fortinet:fortiadc:6.1.3:*:*:*:*:*:*:*",
"cpe:2.3:h:fortinet:fortiadc:6.1.2:*:*:*:*:*:*:*",
"cpe:2.3:h:fortinet:fortiadc:6.1.1:*:*:*:*:*:*:*",
"cpe:2.3:h:fortinet:fortiadc:6.1.0:*:*:*:*:*:*:*",
"cpe:2.3:h:fortinet:fortiadc:6.0.4:*:*:*:*:*:*:*",
"cpe:2.3:h:fortinet:fortiadc:6.0.3:*:*:*:*:*:*:*",
"cpe:2.3:h:fortinet:fortiadc:6.0.2:*:*:*:*:*:*:*",
"cpe:2.3:h:fortinet:fortiadc:6.0.1:*:*:*:*:*:*:*",
"cpe:2.3:h:fortinet:fortiadc:6.0.0:*:*:*:*:*:*:*",
"cpe:2.3:h:fortinet:fortiadc:5.4.5:*:*:*:*:*:*:*",
"cpe:2.3:h:fortinet:fortiadc:5.4.4:*:*:*:*:*:*:*",
"cpe:2.3:h:fortinet:fortiadc:5.4.3:*:*:*:*:*:*:*",
"cpe:2.3:h:fortinet:fortiadc:5.4.2:*:*:*:*:*:*:*",
"cpe:2.3:h:fortinet:fortiadc:5.4.1:*:*:*:*:*:*:*",
"cpe:2.3:h:fortinet:fortiadc:5.4.0:*:*:*:*:*:*:*",
"cpe:2.3:h:fortinet:fortiadc:5.3.7:*:*:*:*:*:*:*",
"cpe:2.3:h:fortinet:fortiadc:5.3.6:*:*:*:*:*:*:*",
"cpe:2.3:h:fortinet:fortiadc:5.3.5:*:*:*:*:*:*:*",
"cpe:2.3:h:fortinet:fortiadc:5.3.4:*:*:*:*:*:*:*",
"cpe:2.3:h:fortinet:fortiadc:5.3.3:*:*:*:*:*:*:*",
"cpe:2.3:h:fortinet:fortiadc:5.3.2:*:*:*:*:*:*:*",
"cpe:2.3:h:fortinet:fortiadc:5.3.1:*:*:*:*:*:*:*",
"cpe:2.3:h:fortinet:fortiadc:5.3.0:*:*:*:*:*:*:*",
"cpe:2.3:h:fortinet:fortiadc:5.2.8:*:*:*:*:*:*:*",
"cpe:2.3:h:fortinet:fortiadc:5.2.7:*:*:*:*:*:*:*",
"cpe:2.3:h:fortinet:fortiadc:5.2.6:*:*:*:*:*:*:*",
"cpe:2.3:h:fortinet:fortiadc:5.2.5:*:*:*:*:*:*:*",
"cpe:2.3:h:fortinet:fortiadc:5.2.4:*:*:*:*:*:*:*",
"cpe:2.3:h:fortinet:fortiadc:5.2.3:*:*:*:*:*:*:*",
"cpe:2.3:h:fortinet:fortiadc:5.2.2:*:*:*:*:*:*:*",
"cpe:2.3:h:fortinet:fortiadc:5.2.1:*:*:*:*:*:*:*",
"cpe:2.3:h:fortinet:fortiadc:5.2.0:*:*:*:*:*:*:*",
"cpe:2.3:h:fortinet:fortiadc:5.1.7:*:*:*:*:*:*:*",
"cpe:2.3:h:fortinet:fortiadc:5.1.6:*:*:*:*:*:*:*",
"cpe:2.3:h:fortinet:fortiadc:5.1.5:*:*:*:*:*:*:*",
"cpe:2.3:h:fortinet:fortiadc:5.1.4:*:*:*:*:*:*:*",
"cpe:2.3:h:fortinet:fortiadc:5.1.3:*:*:*:*:*:*:*",
"cpe:2.3:h:fortinet:fortiadc:5.1.2:*:*:*:*:*:*:*",
"cpe:2.3:h:fortinet:fortiadc:5.1.1:*:*:*:*:*:*:*",
"cpe:2.3:h:fortinet:fortiadc:5.1.0:*:*:*:*:*:*:*",
"cpe:2.3:h:fortinet:fortiadc:5.0.4:*:*:*:*:*:*:*",
"cpe:2.3:h:fortinet:fortiadc:5.0.3:*:*:*:*:*:*:*",
"cpe:2.3:h:fortinet:fortiadc:5.0.2:*:*:*:*:*:*:*",
"cpe:2.3:h:fortinet:fortiadc:5.0.1:*:*:*:*:*:*:*",
"cpe:2.3:h:fortinet:fortiadc:5.0.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "FortiADC",
"vendor": "Fortinet",
"versions": [
{
"status": "affected",
"version": "7.0.0"
},
{
"lessThanOrEqual": "6.2.2",
"status": "affected",
"version": "6.2.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.1.6",
"status": "affected",
"version": "6.1.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.0.4",
"status": "affected",
"version": "6.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "5.4.5",
"status": "affected",
"version": "5.4.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "5.3.7",
"status": "affected",
"version": "5.3.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "5.2.8",
"status": "affected",
"version": "5.2.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "5.1.7",
"status": "affected",
"version": "5.1.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "5.0.4",
"status": "affected",
"version": "5.0.0",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:a:fortinet:fortimail:7.0.2:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortimail:7.0.1:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortimail:7.0.0:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortimail:6.4.6:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortimail:6.4.5:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortimail:6.4.4:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortimail:6.4.3:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortimail:6.4.2:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortimail:6.4.1:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortimail:6.4.0:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortimail:6.2.8:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortimail:6.2.7:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortimail:6.2.6:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortimail:6.2.5:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortimail:6.2.4:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortimail:6.2.3:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortimail:6.2.2:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortimail:6.2.1:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortimail:6.2.0:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortimail:6.0.12:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortimail:6.0.11:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortimail:6.0.10:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortimail:6.0.9:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortimail:6.0.8:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortimail:6.0.7:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortimail:6.0.6:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortimail:6.0.5:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortimail:6.0.4:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortimail:6.0.3:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortimail:6.0.2:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortimail:6.0.1:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortimail:6.0.0:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortimail:5.4.12:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortimail:5.4.11:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortimail:5.4.10:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortimail:5.4.9:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortimail:5.4.8:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortimail:5.4.7:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortimail:5.4.6:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortimail:5.4.5:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortimail:5.4.4:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortimail:5.4.3:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortimail:5.4.2:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortimail:5.4.1:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortimail:5.4.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "FortiMail",
"vendor": "Fortinet",
"versions": [
{
"lessThanOrEqual": "7.0.2",
"status": "affected",
"version": "7.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.4.6",
"status": "affected",
"version": "6.4.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.2.8",
"status": "affected",
"version": "6.2.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.0.12",
"status": "affected",
"version": "6.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "5.4.12",
"status": "affected",
"version": "5.4.0",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:o:fortinet:fortiddos:5.7.0:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortiddos:5.6.1:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortiddos:5.6.0:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortiddos:5.5.1:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortiddos:5.5.0:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortiddos:5.4.3:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortiddos:5.4.2:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortiddos:5.4.1:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortiddos:5.4.0:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortiddos:5.3.2:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortiddos:5.3.1:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortiddos:5.3.0:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortiddos:5.2.0:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortiddos:5.1.0:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortiddos:5.0.0:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortiddos:4.7.0:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortiddos:4.6.0:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortiddos:4.5.0:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortiddos:4.4.2:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortiddos:4.4.1:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortiddos:4.4.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "FortiDDoS",
"vendor": "Fortinet",
"versions": [
{
"status": "affected",
"version": "5.7.0"
},
{
"lessThanOrEqual": "5.6.1",
"status": "affected",
"version": "5.6.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "5.5.1",
"status": "affected",
"version": "5.5.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "5.4.3",
"status": "affected",
"version": "5.4.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "5.3.2",
"status": "affected",
"version": "5.3.0",
"versionType": "semver"
},
{
"status": "affected",
"version": "5.2.0"
},
{
"status": "affected",
"version": "5.1.0"
},
{
"status": "affected",
"version": "5.0.0"
},
{
"status": "affected",
"version": "4.7.0"
},
{
"status": "affected",
"version": "4.6.0"
},
{
"status": "affected",
"version": "4.5.0"
},
{
"lessThanOrEqual": "4.4.2",
"status": "affected",
"version": "4.4.0",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:o:fortinet:fortiddos-f:6.3.0:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortiddos-f:6.2.2:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortiddos-f:6.2.1:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortiddos-f:6.2.0:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortiddos-f:6.1.4:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortiddos-f:6.1.3:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortiddos-f:6.1.2:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortiddos-f:6.1.1:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortiddos-f:6.1.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "FortiDDoS-F",
"vendor": "Fortinet",
"versions": [
{
"status": "affected",
"version": "6.3.0"
},
{
"lessThanOrEqual": "6.2.2",
"status": "affected",
"version": "6.2.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.1.4",
"status": "affected",
"version": "6.1.0",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:a:fortinet:fortivoice:6.4.4:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortivoice:6.4.3:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortivoice:6.4.2:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortivoice:6.4.1:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortivoice:6.4.0:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortivoice:6.0.10:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortivoice:6.0.9:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortivoice:6.0.8:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortivoice:6.0.7:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortivoice:6.0.6:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortivoice:6.0.5:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortivoice:6.0.4:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortivoice:6.0.3:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortivoice:6.0.2:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortivoice:6.0.1:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortivoice:6.0.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "FortiVoice",
"vendor": "Fortinet",
"versions": [
{
"lessThanOrEqual": "6.4.4",
"status": "affected",
"version": "6.4.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.0.10",
"status": "affected",
"version": "6.0.0",
"versionType": "semver"
}
]
},
{
"cpes": [],
"defaultStatus": "unaffected",
"product": "FortiDDoS-CM",
"vendor": "Fortinet",
"versions": [
{
"lessThanOrEqual": "5.5.1",
"status": "affected",
"version": "5.5.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "5.4.3",
"status": "affected",
"version": "5.4.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "5.3.1",
"status": "affected",
"version": "5.3.0",
"versionType": "semver"
},
{
"status": "affected",
"version": "5.2.0"
},
{
"status": "affected",
"version": "5.1.0"
},
{
"status": "affected",
"version": "5.0.0"
},
{
"status": "affected",
"version": "4.7.0"
}
]
},
{
"cpes": [
"cpe:2.3:a:fortinet:fortiweb:6.4.1:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiweb:6.4.0:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiweb:6.3.15:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiweb:6.3.14:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiweb:6.3.13:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiweb:6.3.12:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiweb:6.3.11:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiweb:6.3.10:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiweb:6.3.9:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiweb:6.3.8:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiweb:6.3.7:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiweb:6.3.6:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiweb:6.3.5:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiweb:6.3.4:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiweb:6.3.3:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiweb:6.3.2:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiweb:6.3.1:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiweb:6.3.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "FortiWeb",
"vendor": "Fortinet",
"versions": [
{
"lessThanOrEqual": "6.4.1",
"status": "affected",
"version": "6.4.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.3.15",
"status": "affected",
"version": "6.3.0",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:a:fortinet:fortirecorder:6.4.2:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortirecorder:6.4.1:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortirecorder:6.4.0:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortirecorder:6.0.10:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortirecorder:6.0.9:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortirecorder:6.0.8:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortirecorder:6.0.7:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortirecorder:6.0.6:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortirecorder:6.0.5:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortirecorder:6.0.4:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortirecorder:6.0.3:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortirecorder:6.0.2:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortirecorder:6.0.1:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortirecorder:6.0.0:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortirecorder:2.7.7:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortirecorder:2.7.6:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortirecorder:2.7.5:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortirecorder:2.7.4:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortirecorder:2.7.3:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortirecorder:2.7.2:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortirecorder:2.7.1:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortirecorder:2.7.0:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortirecorder:2.6.3:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortirecorder:2.6.2:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortirecorder:2.6.1:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortirecorder:2.6.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "FortiRecorder",
"vendor": "Fortinet",
"versions": [
{
"lessThanOrEqual": "6.4.2",
"status": "affected",
"version": "6.4.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.0.10",
"status": "affected",
"version": "6.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "2.7.7",
"status": "affected",
"version": "2.7.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "2.6.3",
"status": "affected",
"version": "2.6.0",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:a:fortinet:fortindr:1.5.3:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortindr:1.5.2:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortindr:1.5.1:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortindr:1.5.0:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortindr:1.4.0:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortindr:1.3.1:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortindr:1.3.0:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortindr:1.2.0:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortindr:1.1.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "FortiNDR",
"vendor": "Fortinet",
"versions": [
{
"lessThanOrEqual": "1.5.3",
"status": "affected",
"version": "1.5.0",
"versionType": "semver"
},
{
"status": "affected",
"version": "1.4.0"
},
{
"lessThanOrEqual": "1.3.1",
"status": "affected",
"version": "1.3.0",
"versionType": "semver"
},
{
"status": "affected",
"version": "1.2.0"
},
{
"status": "affected",
"version": "1.1.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Multiple stack-based buffer overflows\u00a0in the command line interpreter of FortiWeb before 6.4.2 may allow an authenticated attacker to achieve arbitrary code execution via specially crafted commands."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:U/RC:C",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-121",
"description": "Execute unauthorized code or commands",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-01-13T16:32:40.255Z",
"orgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"shortName": "fortinet"
},
"references": [
{
"name": "https://fortiguard.com/advisory/FG-IR-21-132",
"url": "https://fortiguard.com/advisory/FG-IR-21-132"
}
],
"solutions": [
{
"lang": "en",
"value": "Please upgrade to FortiFone version 3.0.12 or above\nPlease upgrade to FortiWeb version 7.0.0 or above\nPlease upgrade to FortiWeb version 6.4.2 or above\nPlease upgrade to FortiWeb version 6.3.17 or above\nPlease upgrade to FortiWeb version 6.3.16 or above\nPlease upgrade to FortiWeb version 6.2.7 or above\nPlease upgrade to FortiRecorder version 7.0.0 or above\nPlease upgrade to FortiRecorder version 6.4.3 or above\nPlease upgrade to FortiRecorder version 6.0.11 or above\nPlease upgrade to FortiVoiceEnterprise version 6.4.5 or above\nPlease upgrade to FortiVoiceEnterprise version 6.0.11 or above\nPlease upgrade to FortiMail version 7.2.0 or above\nPlease upgrade to FortiMail version 7.0.3 or above\nPlease upgrade to FortiMail version 6.4.7 or above\nPlease upgrade to FortiMail version 6.2.9 or above\nPlease upgrade to FortiDDoS-F version 6.3.1 or above\nPlease upgrade to FortiDDoS-F version 6.2.3 or above\nPlease upgrade to FortiDDoS-F version 6.1.5 or above\nPlease upgrade to FortiADC version 7.0.1 or above\nPlease upgrade to FortiADC version 6.2.3 or above\nPlease upgrade to FortiADC version 6.1.7 or above\nPlease upgrade to FortiNDR version 7.0.0 or above\nPlease upgrade to FortiDDoS version 5.7.1 or above\nPlease upgrade to FortiDDoS version 5.6.2 or above\nPlease upgrade to FortiDDoS version 5.5.2 or above\nPlease upgrade to FortiDDoS version 5.4.3 or above\nPlease upgrade to FortiDDoS version 5.3.2 or above\nPlease upgrade to FortiDDoS-CM version 5.7.1 or above\nPlease upgrade to FortiDDoS-CM version 5.6.2 or above\nPlease upgrade to FortiDDoS-CM version 5.5.2 or above\nPlease upgrade to FortiDDoS-CM version 5.4.3 or above\nPlease upgrade to FortiDDoS-CM version 5.3.2 or above"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"assignerShortName": "fortinet",
"cveId": "CVE-2021-36193",
"datePublished": "2022-02-02T11:19:47.000Z",
"dateReserved": "2021-07-06T00:00:00.000Z",
"dateUpdated": "2026-01-13T16:32:40.255Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
Loading…
Trend slope:
-
(linear fit over daily sighting counts)
Show additional events:
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…