[FortiOS] DoS vulnerability in SSL-VPN portal Fortinet PSIRT Advisories Fortinet PSIRT Contact: Website: https://fortiguard.fortinet.com/faq/psirt-contact FG-IR-19-236 Final 1 1 2019-11-08T00:00:00 Current version 2019-11-08T00:00:00 2019-11-08T00:00:00 An Improper Input Validation vulnerability in the SSL VPN portal of FortiOS may allow an unauthenticated remote attacker to crash the SSL VPN service by sending a crafted POST request. Denial of service FortiOS versions 6.2.1 and below.FortiOS versions 6.0.6 and below. Please upgrade to FortiOS version 6.2.2 and above.Please upgrade to FortiOS version 6.0.7 and above. Fortinet is pleased to thank Qingtang Zheng from CodeSafe Team of Legendsec at Qi'anXin Group for bringing this issue to our attention under responsible disclosure. CVE-2019-15705 4.9 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:U/RL:X/RC:X https://fortiguard.fortinet.com/psirt/FG-IR-19-236 [FortiOS] DoS vulnerability in SSL-VPN portal Reference>