vulnerability

Fortinet FortiOS: Information Exposure (CVE-2021-32600)

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
2	(AV:L/AC:L/Au:N/C:P/I:N/A:N)	Nov 17, 2021	Nov 26, 2021	Mar 30, 2026

Severity

CVSS

(AV:L/AC:L/Au:N/C:P/I:N/A:N)

Published

Nov 17, 2021

Added

Nov 26, 2021

Modified

Mar 30, 2026

Description

An exposure of sensitive information to an unauthorized actor vulnerability in FortiOS CLI 7.0.0, 6.4.0 through 6.4.6, 6.2.0 through 6.2.9, 6.0.x and 5.6.x may allow a local and authenticated user assigned to a specific VDOM to retrieve other VDOMs information such as the admin account list and the network interface list.

Solutions

fortios-upgrade-6_2_10fortios-upgrade-6_4_7

References

CVE-2021-32600
https://attackerkb.com/topics/CVE-2021-32600
CWE-200
EUVD-EUVD-2021-19440
https://euvd.enisa.europa.eu/vulnerability/EUVD-2021-19440
https://fortiguard.com/advisory/FG-IR-20-243

Rapid7 Labs

2026 Global Threat Landscape Report

The predictive window has collapsed. Exploitation follows disclosure in days. See how attackers are accelerating and how to stay ahead.

Get report