| IR Number | FG-IR-23-125 |
| Date | Jun 12, 2023 |
| Severity |
Medium |
| CVSSv3 Score | 6.4 |
| Impact | Denial of service |
| CVE ID | CVE-2023-29179 |
| Affected Products |
FortiOS
:
7.2.4, 7.2.3, 7.2.2, 7.2.1, 7.2.0, 7.0.9, 7.0.8, 7.0.7, 7.0.6, 7.0.5, 7.0.4, 7.0.3, 7.0.2, 7.0.11, 7.0.10, 7.0.1, 7.0.0, 6.4.9, 6.4.8, 6.4.7, 6.4.6, 6.4.5, 6.4.4, 6.4.3, 6.4.2, 6.4.12, 6.4.11, 6.4.10, 6.4.1, 6.4.0
|
| CVRF | Download |
| Language |
Refine Search
PSIRT Advisories
FortiOS - Null pointer dereference in sslvpnd proxy endpoint
Summary
A NULL pointer dereference vulnerability [CWE-476] in FortiOS may allow an authenticated attacker to crash the SSL-VPN daemon via specially crafted HTTP requests to the /proxy endpoint
Affected Products
FortiOS version 7.2.0 through 7.2.4
FortiOS version 7.0.0 through 7.0.11
FortiOS version 6.4.0 through 6.4.12
Solutions
Please upgrade to FortiOS version 7.4.0 or above
Please upgrade to FortiOS version 7.2.5 or above
Please upgrade to FortiOS version 7.0.12 or above
Please upgrade to FortiOS version 6.4.13 or above