Multiple improper neutralization of special elements used in an SQL command vulnerabilities in FortiPortal 6.0.0 through 6.0.4, 5.3.0 through 5.3.5, 5.2.0 through 5.2.5, and 4.2.2 and earlier may allow an attacker with regular user's privileges to execute arbitrary commands on the underlying SQL database via specifically crafted HTTP requests.
Metrics
Affected Vendors & Products
References
Link | Providers |
---|---|
https://fortiguard.com/advisory/FG-IR-21-084 |
History
Fri, 25 Oct 2024 14:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
ssvc
|
MITRE
Status: PUBLISHED
Assigner: fortinet
Published: 2021-08-04T13:31:30
Updated: 2024-10-25T13:54:01.791Z
Reserved: 2021-05-11T00:00:00
Link: CVE-2021-32590
Vulnrichment
Updated: 2024-08-03T23:25:30.415Z
NVD
Status : Modified
Published: 2021-08-04T14:15:08.200
Modified: 2024-11-21T06:07:20.043
Link: CVE-2021-32590
Redhat
No data.