{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-05-15T01:40:43.310","vulnerabilities":[{"cve":{"id":"CVE-2021-43065","sourceIdentifier":"psirt@fortinet.com","published":"2021-12-09T10:15:11.847","lastModified":"2024-11-21T06:28:37.820","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A incorrect permission assignment for critical resource in Fortinet FortiNAC version 9.2.0, version 9.1.3 and below, version 8.8.9 and below allows attacker to gain higher privileges via the access to sensitive system data."},{"lang":"es","value":"Una asignación incorrecta de permisos para recursos críticos en Fortinet FortiNAC versión 9.2.0, versión 9.1.3 y anteriores, versión 8.8.9 y anteriores, permite al atacante conseguir mayores privilegios por medio del acceso a datos confidenciales del sistema"}],"metrics":{"cvssMetricV31":[{"source":"psirt@fortinet.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:L/AC:L/Au:N/C:C/I:C/A:C","baseScore":7.2,"accessVector":"LOCAL","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"COMPLETE","integrityImpact":"COMPLETE","availabilityImpact":"COMPLETE"},"baseSeverity":"HIGH","exploitabilityScore":3.9,"impactScore":10.0,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-732"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:fortinet:fortinac:*:*:*:*:*:*:*:*","versionStartIncluding":"8.8.0","versionEndExcluding":"8.8.10","matchCriteriaId":"2B635677-94E0-4594-93B3-DA0A0F40540F"},{"vulnerable":true,"criteria":"cpe:2.3:a:fortinet:fortinac:*:*:*:*:*:*:*:*","versionStartIncluding":"9.1.0","versionEndExcluding":"9.1.4","matchCriteriaId":"EAD6773C-BD72-47FF-BCC6-CC057C20E796"},{"vulnerable":true,"criteria":"cpe:2.3:a:fortinet:fortinac:9.2.0:*:*:*:*:*:*:*","matchCriteriaId":"9D6ECEB2-D111-4C78-B0B4-0094C8C57EB3"}]}]}],"references":[{"url":"https://fortiguard.com/advisory/FG-IR-21-178","source":"psirt@fortinet.com","tags":["Vendor Advisory"]},{"url":"https://github.com/orangecertcc/security-research/security/advisories/GHSA-8wx4-g5p9-348h","source":"psirt@fortinet.com","tags":["Exploit","Third Party Advisory"]},{"url":"https://fortiguard.com/advisory/FG-IR-21-178","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]},{"url":"https://github.com/orangecertcc/security-research/security/advisories/GHSA-8wx4-g5p9-348h","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}}]}