CVE-2023-29178
4.3MEDIUMA access of uninitialized pointer vulnerability [CWE-824] in Fortinet FortiProxy version 7.2.0 through 7.2.3 and before 7.0.9 and FortiOS version 7.2.0 through 7.2.4 and before 7.0.11 allows an authe
Published: 6/13/2023Updated: 11/21/2024
Description
A access of uninitialized pointer vulnerability [CWE-824] in Fortinet FortiProxy version 7.2.0 through 7.2.3 and before 7.0.9 and FortiOS version 7.2.0 through 7.2.4 and before 7.0.11 allows an authenticated attacker to repetitively crash the httpsd process via crafted HTTP or HTTPS requests.
AI AnalysisPowered by AI
Affected Products
fortinetfortiproxy
fortinetfortiproxy
fortinetfortiproxy
fortinetfortiproxy
fortinetfortiproxy
7.2.0
fortinetfortiproxy
7.2.1
fortinetfortiproxy
7.2.2
fortinetfortiproxy
7.2.3
fortinetfortios
fortinetfortios
fortinetfortios
fortinetfortios
fortinetfortios
References
- https://fortiguard.com/psirt/FG-IR-23-095Vendor Advisory
- https://fortiguard.com/psirt/FG-IR-23-095Vendor Advisory