CVE-2019-15705

Summary

An Improper Input Validation vulnerability in the SSL VPN portal of FortiOS versions 6.2.1 and below, and 6.0.6 and below may allow an unauthenticated remote attacker to crash the SSL VPN service by sending a crafted POST request.

Affected Software

VendorProductVersion RangeStatus
FortinetFortiGateFortiOS versions 6.2.1 and belowaffected
FortinetFortiGateFortiOS versions 6.0.6 and belowaffected

Weaknesses

  • Denial of Service

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: yes
    • Technical Impact: partial

References