A null pointer dereference in Fortinet FortiOS version 7.2.0 through 7.2.4, 7.0.0 through 7.0.11, 6.4.0 through 6.4.12, 6.2.0 through 6.2.14, 6.0.0 through 6.0.16, FortiProxy 7.2.0 through 7.2.3, 7.0.0 through 7.0.10, 2.0.0 through 2.0.12, 1.2.0 through 1.2.13, 1.1.0 through 1.1.6, 1.0.0 through 1.0.7 allows attacker to denial of service via specially crafted HTTP requests.
2024-02-22T10:15:07.947
2024-12-10T16:58:41.603
Analyzed
CVSSv3.1: 7.5 (HIGH)
| Type | Vendor | Product | Version/Range | Vulnerable? |
|---|---|---|---|---|
| Application | fortinet | fortiproxy | ≤ 1.0.7 | Yes |
| Application | fortinet | fortiproxy | ≤ 1.1.6 | Yes |
| Application | fortinet | fortiproxy | ≤ 1.2.13 | Yes |
| Application | fortinet | fortiproxy | < 2.0.13 | Yes |
| Application | fortinet | fortiproxy | < 7.0.11 | Yes |
| Application | fortinet | fortiproxy | < 7.2.4 | Yes |
| Operating System | fortinet | fortios | < 6.0.17 | Yes |
| Operating System | fortinet | fortios | < 6.2.15 | Yes |
| Operating System | fortinet | fortios | < 6.4.13 | Yes |
| Operating System | fortinet | fortios | < 7.0.12 | Yes |
| Operating System | fortinet | fortios | < 7.2.5 | Yes |