Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2023-36641


A numeric truncation error in Fortinet FortiProxy version 7.2.0 through 7.2.4, FortiProxy version 7.0.0 through 7.0.10, FortiProxy 2.0 all versions, FortiProxy 1.2 all versions, FortiProxy 1.1, all versions, FortiProxy 1.0 all versions, FortiOS version 7.4.0, FortiOS version 7.2.0 through 7.2.5, FortiOS version 7.0.0 through 7.0.12, FortiOS 6.4 all versions, FortiOS 6.2 all versions, FortiOS 6.0 all versions allows attacker to denial of service via specifically crafted HTTP requests.


Published

2023-11-14T18:15:49.833

Last Modified

2024-11-21T08:10:09.613

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 6.5 (MEDIUM)

Weaknesses
  • Type: Primary
    CWE-197

Affected Vendors & Products
Type Vendor Product Version/Range Vulnerable?
Application fortinet fortiproxy ≤ 1.0.7 Yes
Application fortinet fortiproxy ≤ 1.1.6 Yes
Application fortinet fortiproxy ≤ 1.2.13 Yes
Application fortinet fortiproxy ≤ 2.0.13 Yes
Application fortinet fortiproxy ≤ 7.0.10 Yes
Application fortinet fortiproxy ≤ 7.2.4 Yes
Operating System fortinet fortios ≤ 6.0.17 Yes
Operating System fortinet fortios ≤ 6.2.15 Yes
Operating System fortinet fortios ≤ 6.4.14 Yes
Operating System fortinet fortios ≤ 7.0.12 Yes
Operating System fortinet fortios ≤ 7.2.5 Yes

References