Home
MEDIUM: 5.0 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:P/RL:X/RC:CDefault status
unaffected
7.4.0 (semver)
affected
7.2.0 (semver)
affected
7.0.0 (semver)
affected
6.4.0 (semver)
affected
6.2.0 (semver)
affected
Default status
unaffected
7.2.0 (semver)
affected
7.0.0 (semver)
affected
Default status
unaffected
1.2.0
affected
1.1.0 (semver)
affected
1.0.0 (semver)
affected
Default status
unaffected
7.4.0 (semver)
affected
7.2.0 (semver)
affected
7.0.0 (semver)
affected
2.0.0 (semver)
affected
1.2.0 (semver)
affected
Description
An improper check or handling of exceptional conditions vulnerability [CWE-703] in FortiOS version 7.4.0 through 7.4.3 and before 7.2.7, FortiProxy version 7.4.0 through 7.4.3 and before 7.2.9, FortiPAM before 1.2.0 and FortiSwitchManager version 7.2.0 through 7.2.3 and version 7.0.0 through 7.0.3 fgfm daemon may allow an unauthenticated attacker to repeatedly reset the fgfm connection via crafted SSL encrypted TCP requests.
Problem types
Product status
7.4.0 (semver)
7.2.0 (semver)
7.0.0 (semver)
6.4.0 (semver)
6.2.0 (semver)
7.2.0 (semver)
7.0.0 (semver)
1.2.0
1.1.0 (semver)
1.0.0 (semver)
7.4.0 (semver)
7.2.0 (semver)
7.0.0 (semver)
2.0.0 (semver)
1.2.0 (semver)
References
fortiguard.fortinet.com/psirt/FG-IR-24-041
