An access of uninitialized pointer vulnerability [CWE-824] in the SSL VPN portal of Fortinet FortiOS version 7.2.0 through 7.2.3, version 7.0.0 through 7.0.9 and before 6.4.11 and FortiProxy version 7.2.0 through 7.2.1, version 7.0.0 through 7.0.7 and before 2.0.11 allows a remote authenticated attacker to crash the sslvpn daemon via an HTTP GET request.
Metrics
Affected Vendors & Products
References
Link | Providers |
---|---|
https://fortiguard.com/psirt/FG-IR-22-477 |
History
Tue, 22 Oct 2024 21:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
ssvc
|
MITRE
Status: PUBLISHED
Assigner: fortinet
Published: 2023-03-07T16:21:49.923Z
Updated: 2024-10-22T20:48:10.646Z
Reserved: 2022-11-23T14:57:05.613Z
Link: CVE-2022-45861
Vulnrichment
Updated: 2024-08-03T14:24:02.823Z
NVD
Status : Modified
Published: 2023-03-07T17:15:12.380
Modified: 2023-11-07T03:54:54.773
Link: CVE-2022-45861
Redhat
No data.