Lucene search

China National Vulnerability DatabaseCNVD-2024-13092

HistoryMar 13, 2024 - 12:00 a.m.

Fortinet FortiOS and FortiProxy Null Pointer Dereference Vulnerability (CNVD-2024-13092)

2024-03-1300:00:00

China National Vulnerability Database

www.cnvd.org.cn

fortinet

fortios

fortiproxy

null pointer dereference

vulnerability

denial of service

http request

6.7 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

9.2%

JSON

Fortinet FortiOS is a dedicated security operating system on the FortiGate network security platform.Fortinet FortiProxy is a secure network proxy that protects employees from cyberattacks by combining a variety of detection technologies, such as Web filtering, DNS filtering, DLP, anti-virus, intrusion prevention, and advanced threat protection. . A null pointer dereference vulnerability exists in Fortinet FortiOS and FortiProxy, which can be exploited by an attacker to cause a denial of service via a specially crafted HTTP request.

CPENameOperatorVersion
fortinet fortiproxy >=7.0.0，le7.0.10
fortinet fortios >=7.2.0，le7.2.4
fortinet fortiproxy >=7.2.0，le7.2.4
fortinet fortios >=7.0.0，le7.0.11
fortinet fortios >=6.4.0，le6.4.12

Name	Operator	Version
fortinet fortiproxy >=7.0.0，	le	7.0.10
fortinet fortios >=7.2.0，	le	7.2.4
fortinet fortiproxy >=7.2.0，	le	7.2.4
fortinet fortios >=7.0.0，	le	7.0.11
fortinet fortios >=6.4.0，	le	6.4.12