Memory Allocation Vulnerability in FortiPortal by Fortinet
CVE-2021-36174
4.3MEDIUM
Summary
A vulnerability in the license verification function of FortiPortal prior to version 6.0.6 permits an attacker to exploit excessive memory allocation through specially crafted license blobs. This can facilitate a denial of service attack, potentially disrupting the availability of the FortiPortal service. Organizations using affected versions should apply recommended updates to mitigate possible exploitation.
Affected Version(s)
Fortinet FortiPortal FortiPortal before 6.0.6
References
CVSS V3.1
Score:
4.3
Severity:
MEDIUM
Confidentiality:
None
Integrity:
None
Availability:
None
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved