Denial of service

2021-08-0419:15:00

PRIOn knowledge base

www.prio-n.com

7.5 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

44.5%

JSON

An uncontrolled resource consumption (denial of service) vulnerability in the login modules of FortiSandbox 3.2.0 through 3.2.2, 3.1.0 through 3.1.4, and 3.0.0 through 3.0.6; and FortiAuthenticator before 6.0.6 may allow an unauthenticated attacker to bring the device into an unresponsive state via specifically-crafted long request parameters.

CPENameOperatorVersion
fortiauthenticatorge5.0.0
fortiauthenticatorle5.5.0
fortiauthenticatorge4.0.0
fortiauthenticatorle4.3.4
fortiauthenticatorge6.0.0
fortiauthenticatorlt6.0.6
fortisandboxge3.1.0
fortisandboxlt3.1.5
fortisandboxge3.2.0
fortisandboxlt3.2.2

Name	Operator	Version
fortiauthenticator	ge	5.0.0
fortiauthenticator	le	5.5.0
fortiauthenticator	ge	4.0.0
fortiauthenticator	le	4.3.4
fortiauthenticator	ge	6.0.0
fortiauthenticator	lt	6.0.6
fortisandbox	ge	3.1.0
fortisandbox	lt	3.1.5
fortisandbox	ge	3.2.0
fortisandbox	lt	3.2.2

Rows per page:

1-10 of 121

References

fortiguard.com/advisory/FG-IR-20-170