Uncontrolled Resource Consumption in Fortinet FortiSwitch, FortiAnalyzer, FortiManager, and FortiAP
CVE-2019-17657
7.5HIGH
Key Information:
- Vendor
Fortinet
- Vendor
- CVE Published:
- 7 April 2020
What is CVE-2019-17657?
An Uncontrolled Resource Consumption vulnerability exists in Fortinet's FortiSwitch, FortiAnalyzer, FortiManager, and FortiAP products. This issue allows an attacker to exploit specially crafted HTTP requests and responses, leading to a Denial of Service (DoS) condition on the admin webUI. The vulnerability is particularly sensitive to Slow HTTP DoS attacks, which can disrupt the normal operation of these devices and affect service availability.
Affected Version(s)
FortiAnalyzer below 6.2.3
FortiAP-S/W2 below 6.2.2
FortiManager below 6.2.3