{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-06-02T22:28:32.580","vulnerabilities":[{"cve":{"id":"CVE-2021-32591","sourceIdentifier":"psirt@fortinet.com","published":"2021-12-08T12:15:07.737","lastModified":"2024-11-21T06:07:20.180","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A missing cryptographic steps vulnerability in the function that encrypts users' LDAP and RADIUS credentials in FortiSandbox before 4.0.1, FortiWeb before 6.3.12, FortiADC before 6.2.1, FortiMail 7.0.1 and earlier may allow an attacker in possession of the password store to compromise the confidentiality of the encrypted secrets."},{"lang":"es","value":"Una vulnerabilidad de pasos criptográficos faltantes en la función que cifra las credenciales LDAP y RADIUS de los usuarios en FortiSandbox versiones anteriores a 4.0.1, FortiWeb versiones anteriores a 6.3.12, FortiADC versiones anteriores a 6.2.1, FortiMail 7.0.1 y anteriores puede permitir que un atacante en posesión del almacén de contraseñas comprometa la confidencialidad de los secretos cifrados"}],"metrics":{"cvssMetricV31":[{"source":"psirt@fortinet.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N","baseScore":5.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":1.6,"impactScore":3.6},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N","baseScore":5.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":1.6,"impactScore":3.6}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:H/Au:N/C:P/I:N/A:N","baseScore":2.6,"accessVector":"NETWORK","accessComplexity":"HIGH","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"NONE","availabilityImpact":"NONE"},"baseSeverity":"LOW","exploitabilityScore":4.9,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-Other"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:fortinet:fortiadc:*:*:*:*:*:*:*:*","versionStartIncluding":"5.0.0","versionEndIncluding":"5.4.4","matchCriteriaId":"23AD5C87-6555-4936-A1B8-8229C1F53F72"},{"vulnerable":true,"criteria":"cpe:2.3:a:fortinet:fortiadc:*:*:*:*:*:*:*:*","versionStartIncluding":"6.0.0","versionEndIncluding":"6.0.3","matchCriteriaId":"7B938B6E-915F-42F4-B602-0CDF63E1F9BA"},{"vulnerable":true,"criteria":"cpe:2.3:a:fortinet:fortiadc:*:*:*:*:*:*:*:*","versionStartIncluding":"6.1.0","versionEndIncluding":"6.1.3","matchCriteriaId":"5B3575EF-BFB5-4E8C-ACC2-878CB403503D"},{"vulnerable":true,"criteria":"cpe:2.3:a:fortinet:fortiadc:6.2.0:*:*:*:*:*:*:*","matchCriteriaId":"FCDF60B5-A0BE-41F6-A0D5-53526A7BBAE1"},{"vulnerable":true,"criteria":"cpe:2.3:a:fortinet:fortiadc:6.2.1:*:*:*:*:*:*:*","matchCriteriaId":"B42E0536-4831-4A6B-AC0B-C7AE3CDE3834"},{"vulnerable":true,"criteria":"cpe:2.3:a:fortinet:fortimail:*:*:*:*:*:*:*:*","matchCriteriaId":"87F1A94F-C3C5-4F33-9BA3-70BC3ABED4C1"},{"vulnerable":true,"criteria":"cpe:2.3:a:fortinet:fortimail:*:*:*:*:*:*:*:*","versionStartIncluding":"5.0","versionEndIncluding":"5.6.3","matchCriteriaId":"D00B438D-B50E-4F68-ABCC-5F76108492A6"},{"vulnerable":true,"criteria":"cpe:2.3:a:fortinet:fortimail:*:*:*:*:*:*:*:*","versionStartIncluding":"6.0.0","versionEndIncluding":"6.0.11","matchCriteriaId":"F19CA06C-67C2-423E-8E65-4502A06EB667"},{"vulnerable":true,"criteria":"cpe:2.3:a:fortinet:fortimail:*:*:*:*:*:*:*:*","versionStartIncluding":"6.2.0","versionEndIncluding":"6.2.7","matchCriteriaId":"72F6AEF1-C5BF-4A9A-A843-A152AA168085"},{"vulnerable":true,"criteria":"cpe:2.3:a:fortinet:fortimail:*:*:*:*:*:*:*:*","versionStartIncluding":"6.4.0","versionEndIncluding":"6.4.5","matchCriteriaId":"07883AF7-1C60-43C9-8D98-CCF2B20C3B13"},{"vulnerable":true,"criteria":"cpe:2.3:a:fortinet:fortimail:7.0.0:*:*:*:*:*:*:*","matchCriteriaId":"15993051-6D79-4D59-B43D-EE3DA539AA18"},{"vulnerable":true,"criteria":"cpe:2.3:a:fortinet:fortimail:7.0.1:*:*:*:*:*:*:*","matchCriteriaId":"77F5A17F-E5C0-47EB-AB34-4084943C3143"},{"vulnerable":true,"criteria":"cpe:2.3:a:fortinet:fortisandbox:*:*:*:*:*:*:*:*","versionStartIncluding":"3.2.0","versionEndIncluding":"3.2.2","matchCriteriaId":"A82C2CB9-6C03-4ADC-93AF-C5798EFA6246"},{"vulnerable":true,"criteria":"cpe:2.3:a:fortinet:fortisandbox:4.0.0:*:*:*:*:*:*:*","matchCriteriaId":"0260B512-77CA-4FE8-A039-D7B287A19BAA"},{"vulnerable":true,"criteria":"cpe:2.3:a:fortinet:fortiweb:*:*:*:*:*:*:*:*","versionStartIncluding":"5.7.0","versionEndIncluding":"5.7.3","matchCriteriaId":"3CAE0CA7-074F-43AD-B8F7-502596CBFF20"},{"vulnerable":true,"criteria":"cpe:2.3:a:fortinet:fortiweb:*:*:*:*:*:*:*:*","versionStartIncluding":"5.8.0","versionEndIncluding":"5.8.7","matchCriteriaId":"E2AB0971-D9B6-42A6-BB8B-9CEA66F6609A"},{"vulnerable":true,"criteria":"cpe:2.3:a:fortinet:fortiweb:*:*:*:*:*:*:*:*","versionStartIncluding":"6.0.0","versionEndIncluding":"6.0.7","matchCriteriaId":"C5931460-A0F1-4BED-ADEF-A48602EA747C"},{"vulnerable":true,"criteria":"cpe:2.3:a:fortinet:fortiweb:*:*:*:*:*:*:*:*","versionStartIncluding":"6.1.0","versionEndIncluding":"6.1.2","matchCriteriaId":"9B028C2F-34F0-44D2-B6D7-A7024E82801F"},{"vulnerable":true,"criteria":"cpe:2.3:a:fortinet:fortiweb:*:*:*:*:*:*:*:*","versionStartIncluding":"6.2.0","versionEndIncluding":"6.2.4","matchCriteriaId":"B97AB280-E267-4ED4-B3D8-ABEB65A3353A"},{"vulnerable":true,"criteria":"cpe:2.3:a:fortinet:fortiweb:*:*:*:*:*:*:*:*","versionStartIncluding":"6.3.0","versionEndIncluding":"6.3.11","matchCriteriaId":"1D2C6405-1C59-4E4F-9999-B9E4A259340A"},{"vulnerable":true,"criteria":"cpe:2.3:a:fortinet:fortiweb:5.9.0:*:*:*:*:*:*:*","matchCriteriaId":"E06648CF-D92B-4A29-8600-FFFFC84AA435"},{"vulnerable":true,"criteria":"cpe:2.3:a:fortinet:fortiweb:5.9.1:*:*:*:*:*:*:*","matchCriteriaId":"00331438-9892-4210-B85A-E88382018927"}]}]}],"references":[{"url":"https://fortiguard.com/advisory/FG-IR-20-222","source":"psirt@fortinet.com","tags":["Patch","Vendor Advisory"]},{"url":"https://fortiguard.com/advisory/FG-IR-20-222","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch","Vendor Advisory"]}]}}]}