| IR Number | FG-IR-20-036 |
| Date | Jun 22, 2020 |
| Severity |
Medium |
| CVSSv3 Score | 5.2 |
| Impact | DoS, NTP amplification attacks |
| CVE ID | CVE-2013-5211 |
| Affected Products |
FortiAnalyzer
:
6.4.0, 6.2.3
FortiRecorder
:
6.0.1, 6.0.0, 2.7.7
|
| CVRF | Download |
Refine Search
PSIRT Advisories
FortiAnalyzer could potentially be used in NTP amplification attacks
Summary
An insufficient control of network message volume (CWE-406) vulnerability in FortiAnalyzer may allow an unauthenticated remote attacker to perform NTP amplification attacks (thereby causing reflected denial of service on arbitrary targets) via sending specially crafted mode 6 queries to the FortiAnalyzer built-in NTP server.
Affected Products
FortiAnalyzer 6.4.0, 6.2.3 and below (*)
* only models that support FortiRecorder management are impacted:
FAZ_200F
FAZ_300F
FAZ_400E
FAZ_800F.
FAZ_1000E
FAZ_1000F
FAZ_2000E
FAZ_3000F
FAZ_3500G
FAZ_3700F
FAZ_VM64
FAZ_VM64_KVM
Solutions
Upgrade to FortiAnalyzer 6.2.4 or 6.4.1