CVE-2022-45861
6.5MEDIUMAn access of uninitialized pointer vulnerability [CWE-824] in the SSL VPN portal of Fortinet FortiOS version 7.2.0 through 7.2.3, version 7.0.0 through 7.0.9 and before 6.4.11 and FortiProxy version 7
게시됨: 3/7/2023업데이트됨: 11/21/2024
설명
An access of uninitialized pointer vulnerability [CWE-824] in the SSL VPN portal of Fortinet FortiOS version 7.2.0 through 7.2.3, version 7.0.0 through 7.0.9 and before 6.4.11 and FortiProxy version 7.2.0 through 7.2.1, version 7.0.0 through 7.0.7 and before 2.0.11 allows a remote authenticated attacker to crash the sslvpn daemon via an HTTP GET request.
AI 분석AI 기반
영향받는 제품
fortinetfortiproxy
fortinetfortiproxy
fortinetfortiproxy
fortinetfortiproxy
1.1.5
fortinetfortiproxy
1.1.6
fortinetfortiproxy
7.2.0
fortinetfortiproxy
7.2.1
fortinetfortios
fortinetfortios
fortinetfortios
fortinetfortios
참조
- https://fortiguard.com/psirt/FG-IR-22-477Vendor Advisory
- https://fortiguard.com/psirt/FG-IR-22-477Vendor Advisory