Описание
An integer overflow / wraparound vulnerability [CWE-190] in FortiSwitch 7.0.2 and below, 6.4.9 and below, 6.2.x, 6.0.x; FortiRecorder 6.4.2 and below, 6.0.10 and below; FortiOS 7.0.2 and below, 6.4.8 and below, 6.2.10 and below, 6.0.x; FortiProxy 7.0.0, 2.0.6 and below, 1.2.x, 1.1.x, 1.0.x; FortiVoiceEnterprise 6.4.3 and below, 6.0.10 and below dhcpd daemon may allow an unauthenticated and network adjacent attacker to crash the dhcpd deamon, resulting in potential denial of service.
Ссылки
- PatchVendor Advisory
- PatchVendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия от 1.0.0 (включая) до 1.0.7 (включая)Версия от 1.1.0 (включая) до 1.1.6 (включая)Версия от 1.2.0 (включая) до 1.2.13 (включая)Версия от 2.0.0 (включая) до 2.0.6 (включая)Версия от 6.0.0 (включая) до 6.0.7 (включая)Версия от 6.2.0 (включая) до 6.2.7 (включая)Версия от 6.4.0 (включая) до 6.4.9 (включая)Версия от 7.0.0 (включая) до 7.0.2 (включая)
Одно из
cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*
cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*
cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*
cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*
cpe:2.3:a:fortinet:fortiproxy:7.0.0:*:*:*:*:*:*:*
cpe:2.3:a:fortinet:fortivoice:5.3.0:*:*:*:*:*:*:*
cpe:2.3:a:fortinet:fortivoice:5.3.1:*:*:*:*:*:*:*
cpe:2.3:a:fortinet:fortivoice:5.3.2:*:*:*:*:*:*:*
cpe:2.3:a:fortinet:fortivoice:5.3.3:*:*:*:*:*:*:*
cpe:2.3:a:fortinet:fortivoice:5.3.4:*:*:*:*:*:*:*
cpe:2.3:a:fortinet:fortivoice:5.3.5:*:*:*:*:*:*:*
cpe:2.3:a:fortinet:fortivoice:5.3.6:*:*:*:*:*:*:*
cpe:2.3:a:fortinet:fortivoice:5.3.7:*:*:*:*:*:*:*
cpe:2.3:a:fortinet:fortivoice:5.3.8:*:*:*:*:*:*:*
cpe:2.3:a:fortinet:fortivoice:5.3.10:*:*:*:*:*:*:*
cpe:2.3:a:fortinet:fortivoice:5.3.11:*:*:*:*:*:*:*
cpe:2.3:a:fortinet:fortivoice:5.3.12:*:*:*:*:*:*:*
cpe:2.3:a:fortinet:fortivoice:5.3.13:*:*:*:*:*:*:*
cpe:2.3:a:fortinet:fortivoice:5.3.14:*:*:*:*:*:*:*
cpe:2.3:a:fortinet:fortivoice:5.3.15:*:*:*:*:*:*:*
cpe:2.3:a:fortinet:fortivoice:5.3.16:*:*:*:*:*:*:*
cpe:2.3:a:fortinet:fortivoice:5.3.17:*:*:*:*:*:*:*
cpe:2.3:a:fortinet:fortivoice:5.3.18:*:*:*:*:*:*:*
cpe:2.3:a:fortinet:fortivoice:5.3.19:*:*:*:*:*:*:*
cpe:2.3:a:fortinet:fortivoice:5.3.20:*:*:*:*:*:*:*
cpe:2.3:a:fortinet:fortivoice:5.3.21:*:*:*:*:*:*:*
cpe:2.3:a:fortinet:fortivoice:5.3.22:*:*:*:*:*:*:*
cpe:2.3:a:fortinet:fortivoice:5.3.23:*:*:*:*:*:*:*
cpe:2.3:a:fortinet:fortivoice:5.3.24:*:*:*:*:*:*:*
cpe:2.3:a:fortinet:fortivoice:5.3.25:*:*:*:*:*:*:*
cpe:2.3:a:fortinet:fortivoice:5.3.26:*:*:*:*:*:*:*
cpe:2.3:a:fortinet:fortivoice:6.0.0:*:*:*:*:*:*:*
cpe:2.3:a:fortinet:fortivoice:6.0.1:*:*:*:*:*:*:*
cpe:2.3:a:fortinet:fortivoice:6.0.2:*:*:*:*:*:*:*
cpe:2.3:a:fortinet:fortivoice:6.0.3:*:*:*:*:*:*:*
cpe:2.3:a:fortinet:fortivoice:6.0.4:*:*:*:*:*:*:*
cpe:2.3:a:fortinet:fortivoice:6.0.5:*:*:*:*:*:*:*
cpe:2.3:a:fortinet:fortivoice:6.0.6:*:*:*:*:*:*:*
cpe:2.3:a:fortinet:fortivoice:6.0.7:*:*:*:*:*:*:*
cpe:2.3:a:fortinet:fortivoice:6.0.8:*:*:*:*:*:*:*
cpe:2.3:a:fortinet:fortivoice:6.0.9:*:*:*:*:*:*:*
cpe:2.3:a:fortinet:fortivoice:6.0.10:*:*:*:*:*:*:*
cpe:2.3:a:fortinet:fortivoice:6.4.0:*:*:*:*:*:*:*
cpe:2.3:a:fortinet:fortivoice:6.4.1:*:*:*:*:*:*:*
cpe:2.3:a:fortinet:fortivoice:6.4.2:*:*:*:*:*:*:*
cpe:2.3:a:fortinet:fortivoice:6.4.3:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortios:5.4.0:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortios:5.4.1:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortios:5.4.2:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortios:5.4.3:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortios:5.4.4:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortios:5.4.5:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortios:5.4.6:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortios:5.4.7:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortios:5.4.8:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortios:5.4.9:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortios:5.4.10:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortios:5.4.11:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortios:5.4.12:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortios:5.4.13:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortios:5.6.0:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortios:5.6.1:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortios:5.6.2:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortios:5.6.3:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortios:5.6.4:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortios:5.6.5:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortios:5.6.6:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortios:5.6.7:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortios:5.6.8:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortios:5.6.9:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortios:5.6.10:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortios:5.6.11:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortios:5.6.12:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortios:5.6.13:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortios:5.6.14:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortios:6.0.0:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortios:6.0.1:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortios:6.0.2:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortios:6.0.3:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortios:6.0.4:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortios:6.0.5:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortios:6.0.6:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortios:6.0.7:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortios:6.0.8:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortios:6.0.9:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortios:6.0.10:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortios:6.0.11:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortios:6.0.12:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortios:6.0.13:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortios:6.0.14:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortios:6.2.0:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortios:6.2.1:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortios:6.2.2:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortios:6.2.3:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortios:6.2.4:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortios:6.2.5:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortios:6.2.6:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortios:6.2.7:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortios:6.2.8:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortios:6.2.9:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortios:6.2.10:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortios:6.4.0:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortios:6.4.1:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortios:6.4.2:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortios:6.4.3:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortios:6.4.4:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortios:6.4.5:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortios:6.4.6:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortios:6.4.7:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortios:7.0.0:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortios:7.0.1:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortios:7.0.2:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortirecorder_firmware:6.0.0:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortirecorder_firmware:6.0.1:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortirecorder_firmware:6.0.2:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortirecorder_firmware:6.0.3:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortirecorder_firmware:6.0.4:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortirecorder_firmware:6.0.5:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortirecorder_firmware:6.0.6:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortirecorder_firmware:6.0.7:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortirecorder_firmware:6.0.8:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortirecorder_firmware:6.0.9:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortirecorder_firmware:6.0.10:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortirecorder_firmware:6.4.0:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortirecorder_firmware:6.4.1:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortirecorder_firmware:6.4.2:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortiswitch:*:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortiswitch:*:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortiswitch:*:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortiswitch:*:*:*:*:*:*:*:*
EPSS
Процентиль: 28%
0.00101
Низкий
4.3 Medium
CVSS3
Дефекты
CWE-190
Связанные уязвимости
CVSS3: 4.3
github
больше 3 лет назад
An integer overflow / wraparound vulnerability [CWE-190] in FortiSwitch 7.0.2 and below, 6.4.9 and below, 6.2.x, 6.0.x; FortiRecorder 6.4.2 and below, 6.0.10 and below; FortiOS 7.0.2 and below, 6.4.8 and below, 6.2.10 and below, 6.0.x; FortiProxy 7.0.0, 2.0.6 and below, 1.2.x, 1.1.x, 1.0.x; FortiVoiceEnterprise 6.4.3 and below, 6.0.10 and below dhcpd daemon may allow an unauthenticated and network adjacent attacker to crash the dhcpd deamon, resulting in potential denial of service.
EPSS
Процентиль: 28%
0.00101
Низкий
4.3 Medium
CVSS3
Дефекты
CWE-190