CVE-2021-32586 is a vulnerability in Fortinet Fortimail
Published on March 1, 2022
An improper input validation vulnerability in the web server CGI facilities of FortiMail before 7.0.1 may allow an unauthenticated attacker to alter the environment of the underlying script interpreter via specifically crafted HTTP requests.
Vulnerability Analysis
CVE-2021-32586 is exploitable with network access, and does not require authorization privileges or user interaction. This vulnerability is consided to have a high level of attack complexity. The potential impact of an exploit of this vulnerability is considered to have a high impact on confidentiality and integrity, and a small impact on availability.
Products Associated with CVE-2021-32586
You can be notified by email with stack.watch whenever vulnerabilities like CVE-2021-32586 are published in Fortinet Fortimail:
Affected Versions
Fortinet FortiMail Version FortiMail before 7.0.1 is affected by CVE-2021-32586Exploit Probability
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.