CVE-2020-29019

Summary

A stack-based buffer overflow vulnerability in FortiWeb 6.3.0 through 6.3.7 and version before 6.2.4 may allow a remote, unauthenticated attacker to crash the httpd daemon thread by sending a request with a crafted cookie header.

Affected Software

VendorProductVersion RangeStatus
n/aFortinet FortiWebFortiWeb 6.3.0 through 6.3.7 and version before 6.2.4affected

Weaknesses

  • denial of service

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: yes
    • Technical Impact: partial

References