The vulnerability of the FortiOS operating system arises from insufficient input data validation, allowing attackers to trigger a service failure.

🗓️ 14 Nov 2017 00:00:00Reported by FSTEC of Russia — Information Security Threat DatabaseType

bdu_fstec

bdu_fstec🔗 bdu.fstec.ru👁 2 Views

FortiOS input validation weakness can crash the web interface with a crafted params value in /json.

Reporter	Title	Published	Views	Family All 10
CNVD	Fortinet FortiOS Denial of Service Vulnerability (CNVD-2017-35607)	30 Oct 201700:00	–	cnvd
CVE	CVE-2017-14182	27 Oct 201713:00	–	cve
Cvelist	CVE-2017-14182	27 Oct 201713:00	–	cvelist
EUVD	EUVD-2017-5692	7 Oct 202500:30	–	euvd
Fortinet	FortiOS DoS on webUI through 'params' JSON parameter	24 Oct 201700:00	–	fortinet
Tenable Nessus	Fortinet FortiOS 5.4.x < 5.4.6 Denial of Service (FG-IR-17-206)	2 Nov 201700:00	–	nessus
NVD	CVE-2017-14182	27 Oct 201713:29	–	nvd
OSV	CVE-2017-14182	27 Oct 201713:29	–	osv
Prion	Denial of service	27 Oct 201713:29	–	prion
Vulnrichment	CVE-2017-14182	27 Oct 201713:00	–	vulnrichment

Vulners

Node

fortinet fortiosRange5.4.0–5.4.5

Source	Link
fortiguard	www.fortiguard.com/psirt/FG-IR-17-206
securityfocus	www.securityfocus.com/bid/101563/info
securitytracker	www.securitytracker.com/id/1039678
code610	www.code610.blogspot.com/2017/10/patch-your-fortinet-cve-2017-14182.html
web	www.web.nvd.nist.gov/view/vuln/detail

23 Mar 2021 00:00Current

6.5Medium risk

Vulners AI Score6.5

CVSS 24

CVSS 36.5

EPSS0.01458

FortiOS input validation web interface parameters field crafted input vulnerability