Fortinet FortiOS Vulnerability Allows Denial of Service via Specially Crafted HTTP Requests
CVE-2023-29179
6.5MEDIUM
Summary
A null pointer dereference vulnerability exists in Fortinet's FortiOS and FortiProxy products. This issue affects multiple versions, allowing attackers to exploit this flaw by sending specially crafted HTTP requests. Successful exploitation leads to a denial of service condition, impacting the availability of the affected systems. Organizations using vulnerable versions are advised to apply the latest security updates to mitigate potential risks.
Affected Version(s)
FortiOS 7.2.0 <= 7.2.4
FortiOS 7.0.0 <= 7.0.11
FortiOS 6.4.0 <= 6.4.12
References
CVSS V3.1
Score:
6.5
Severity:
MEDIUM
Confidentiality:
None
Integrity:
None
Availability:
None
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved