{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-05-07T15:31:09.346","vulnerabilities":[{"cve":{"id":"CVE-2020-15933","sourceIdentifier":"psirt@fortinet.com","published":"2022-01-05T12:15:07.977","lastModified":"2024-11-21T05:06:29.110","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A exposure of sensitive information to an unauthorized actor in Fortinet FortiMail versions 6.0.9 and below, FortiMail versions 6.2.4 and below FortiMail versions 6.4.1 and 6.4.0 allows attacker to obtain potentially sensitive software-version information via client-side resources inspection."},{"lang":"es","value":"Una exposición de información confidencial a un actor no autorizado en Fortinet FortiMail versiones 6.0.9 y anteriores, FortiMail versiones 6.2.4 y anteriores FortiMail versiones 6.4.1 y 6.4.0, permite a un atacante conseguir información potencialmente confidencial de la versión del software por medio de la inspección de recursos del lado del cliente."}],"metrics":{"cvssMetricV31":[{"source":"psirt@fortinet.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N","baseScore":5.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":1.4},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N","baseScore":5.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":1.4}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:P/I:N/A:N","baseScore":5.0,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"NONE","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":10.0,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-200"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:fortinet:fortimail:*:*:*:*:*:*:*:*","versionEndIncluding":"6.0.9","matchCriteriaId":"70EC95D8-FB2E-40CF-A248-806AC0F254D1"},{"vulnerable":true,"criteria":"cpe:2.3:a:fortinet:fortimail:6.2.0:*:*:*:*:*:*:*","matchCriteriaId":"4FCC28EF-A732-4B0A-8F2D-217D4C66617F"},{"vulnerable":true,"criteria":"cpe:2.3:a:fortinet:fortimail:6.2.1:*:*:*:*:*:*:*","matchCriteriaId":"880FCAD9-6369-4335-889D-1C66E7CCF15C"},{"vulnerable":true,"criteria":"cpe:2.3:a:fortinet:fortimail:6.2.2:*:*:*:*:*:*:*","matchCriteriaId":"9619F567-3F75-4C3F-81D8-81B328EE47A0"},{"vulnerable":true,"criteria":"cpe:2.3:a:fortinet:fortimail:6.2.3:*:*:*:*:*:*:*","matchCriteriaId":"AE1F3783-E2EC-4D43-83C8-ABC3BB720DB3"},{"vulnerable":true,"criteria":"cpe:2.3:a:fortinet:fortimail:6.2.4:*:*:*:*:*:*:*","matchCriteriaId":"09BBE243-5A1B-4E5D-A862-B9362CFBCFA0"},{"vulnerable":true,"criteria":"cpe:2.3:a:fortinet:fortimail:6.4.0:*:*:*:*:*:*:*","matchCriteriaId":"60F5771F-D563-48A6-8A8C-FFF518AD376E"},{"vulnerable":true,"criteria":"cpe:2.3:a:fortinet:fortimail:6.4.1:*:*:*:*:*:*:*","matchCriteriaId":"30ACAD3B-3C0B-4549-B31D-D92D99391BAC"}]}]}],"references":[{"url":"https://fortiguard.com/psirt/FG-IR-20-105","source":"psirt@fortinet.com","tags":["Patch","Vendor Advisory"]},{"url":"https://fortiguard.com/psirt/FG-IR-20-105","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch","Vendor Advisory"]}]}}]}