Auto-merge PR#2422

2025-08-04 08:44:25 +00:00 · 2021-08-04 11:40:11 -04:00 · 2021-08-04 11:40:11 -04:00 · 6a784c5e22
commit 6a784c5e22
parent 3003db7883 e200656bf8
1 changed files with 63 additions and 3 deletions
--- a/2021/32xxx/CVE-2021-32596.json
+++ b/2021/32xxx/CVE-2021-32596.json
@ -4,14 +4,74 @@
    "data_version": "4.0",
    "CVE_data_meta": {
        "ID": "CVE-2021-32596",
-        "ASSIGNER": "cve@mitre.org",
-        "STATE": "RESERVED"
+        "ASSIGNER": "psirt@fortinet.com",
+        "STATE": "PUBLIC"
+    },
+    "affects": {
+        "vendor": {
+            "vendor_data": [
+                {
+                    "vendor_name": "Fortinet",
+                    "product": {
+                        "product_data": [
+                            {
+                                "product_name": "Fortinet FortiPortal",
+                                "version": {
+                                    "version_data": [
+                                        {
+                                            "version_value": "FortiPortal 6.0.4, 6.0.3, 6.0.2, 6.0.1, 6.0.0"
+                                        }
+                                    ]
+                                }
+                            }
+                        ]
+                    }
+                }
+            ]
+        }
+    },
+    "impact": {
+        "cvss": {
+            "attackComplexity": "Low",
+            "attackVector": "Local",
+            "availabilityImpact": "None",
+            "baseScore": 5.5,
+            "baseSeverity": "Medium",
+            "confidentialityImpact": "High",
+            "integrityImpact": "None",
+            "privilegesRequired": "High",
+            "scope": "Changed",
+            "userInteraction": "None",
+            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N/E:P/RL:W/RC:C",
+            "version": "3.1"
+        }
+    },
+    "problemtype": {
+        "problemtype_data": [
+            {
+                "description": [
+                    {
+                        "lang": "eng",
+                        "value": "Information disclosure"
+                    }
+                ]
+            }
+        ]
+    },
+    "references": {
+        "reference_data": [
+            {
+                "refsource": "CONFIRM",
+                "name": "https://fortiguard.com/advisory/FG-IR-21-094",
+                "url": "https://fortiguard.com/advisory/FG-IR-21-094"
+            }
+        ]
    },
    "description": {
        "description_data": [
            {
                "lang": "eng",
-                "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+                "value": "A use of one-way hash with a predictable salt vulnerability\u00a0in the password\u00a0storing mechanism of FortiPortal 6.0.0 through 6.04 may allow an attacker already in possession of the password store to decrypt the passwords by means of precomputed tables."
            }
        ]
    }