Lucene search

K
cvelistFortinetCVELIST:CVE-2021-32595
HistoryNov 02, 2021 - 6:04 p.m.

CVE-2021-32595

2021-11-0218:04:20
fortinet
www.cve.org
7
fortiportal
web interface
resource consumption
denial of service
http requests

CVSS3

6.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:F/RL:U/RC:C

AI Score

6.7

Confidence

High

EPSS

0.001

Percentile

35.0%

Multiple uncontrolled resource consumption vulnerabilities in the web interface of FortiPortal before 6.0.6 may allow a single low-privileged user to induce a denial of service via multiple HTTP requests.

CNA Affected

[
  {
    "product": "Fortinet FortiPortal",
    "vendor": "Fortinet",
    "versions": [
      {
        "status": "affected",
        "version": "FortiPortal before 6.0.6"
      }
    ]
  }
]

CVSS3

6.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:F/RL:U/RC:C

AI Score

6.7

Confidence

High

EPSS

0.001

Percentile

35.0%

Related for CVELIST:CVE-2021-32595