Disclosure of other VDOMs information through CLI commands Fortinet PSIRT Advisories Fortinet PSIRT Contact: Website: https://fortiguard.fortinet.com/faq/psirt-contact FG-IR-20-243 Final 1 1 2021-09-07T00:00:00 Current version 2021-09-07T00:00:00 2021-09-07T00:00:00 An exposure of sensitive information to an unauthorized actor vulnerability in FortiOS CLI may allow a local and authenticated user assigned to a specific VDOM to retrieve other VDOMs information such as the admin account list and the network interface list. Information disclosure FortiOS 7.0.0FortiOS 6.4.6 and belowFortiOS 6.2.9 and belowFortiOS 6.0.xFortiOS 5.6.x Please Upgrade to FortiOS 7.0.1 or abovePlease Upgrade to FortiOS 6.4.7 or abovePlease Upgrade to FortiOS 6.2.10 or above Fortinet is pleased to thank Shaun Farrow for reporting this vulnerability under responsible disclosure. CVE-2021-32600 4.9 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N/E:F/RL:X/RC:X https://fortiguard.fortinet.com/psirt/FG-IR-20-243 Disclosure of other VDOMs information through CLI commands Reference>