Webproxy process denial of service

Webproxy process denial of service Fortinet PSIRT Advisories Fortinet PSIRT Contact: Website: https://fortiguard.fortinet.com/faq/psirt-contact FG-IR-23-184 Final 1 1 2023-10-10T00:00:00 Current version 2023-10-10T00:00:00 2023-10-10T00:00:00 A use after free vulnerability [CWE-416] in FortiOS & FortiProxy may allow an unauthenticated remote attacker to crash the Web Proxy process via multiple crafted packets reaching proxy policies or firewall policies with proxy mode alongside SSL deep packet inspection. None Execute unauthorized code or commands FortiProxy 7.4 all versions are not affectedFortiProxy version 7.2.0 through 7.2.2FortiProxy version 7.0.0 through 7.0.8FortiProxy 2.0 all versions are not affectedFortiProxy 1.2 all versions are not affectedFortiOS 7.4 all versions are not affectedFortiOS version 7.2.0 through 7.2.4FortiOS version 7.0.0 through 7.0.10FortiOS 6.4 all versions are not affected Please upgrade to FortiOS version 7.4.0 or abovePlease upgrade to FortiOS version 7.2.5 or abovePlease upgrade to FortiOS version 7.0.11 or abovePlease upgrade to FortiProxy version 7.2.3 or abovePlease upgrade to FortiProxy version 7.0.9 or aboveFortiSASE is no longer impacted, issue remediated Q2/23 Internally discovered during Fortinet TAC investigation. FortiOS 7.2.4 FortiOS 7.2.3 FortiOS 7.2.2 FortiOS 7.2.1 FortiOS 7.2.0 FortiOS 7.0.10 FortiOS 7.0.9 FortiOS 7.0.8 FortiOS 7.0.7 FortiOS 7.0.6 FortiOS 7.0.5 FortiOS 7.0.4 FortiOS 7.0.3 FortiOS 7.0.2 FortiOS 7.0.1 FortiOS 7.0.0 FortiProxy 7.2.2 FortiProxy 7.2.1 FortiProxy 7.2.0 FortiProxy 7.0.8 FortiProxy 7.0.7 FortiProxy 7.0.6 FortiProxy 7.0.5 FortiProxy 7.0.4 FortiProxy 7.0.3 FortiProxy 7.0.2 FortiProxy 7.0.1 FortiProxy 7.0.0 Webproxy process denial of service CVE-2023-41675 FortiOS-7.2.4 FortiOS-7.2.3 FortiOS-7.2.2 FortiOS-7.2.1 FortiOS-7.2.0 FortiOS-7.0.10 FortiOS-7.0.9 FortiOS-7.0.8 FortiOS-7.0.7 FortiOS-7.0.6 FortiOS-7.0.5 FortiOS-7.0.4 FortiOS-7.0.3 FortiOS-7.0.2 FortiOS-7.0.1 FortiOS-7.0.0 FortiProxy-7.2.2 FortiProxy-7.2.1 FortiProxy-7.2.0 FortiProxy-7.0.8 FortiProxy-7.0.7 FortiProxy-7.0.6 FortiProxy-7.0.5 FortiProxy-7.0.4 FortiProxy-7.0.3 FortiProxy-7.0.2 FortiProxy-7.0.1 FortiProxy-7.0.0 4.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C https://fortiguard.fortinet.com/psirt/FG-IR-23-184 Webproxy process denial of service Reference>