CVE-2023-29179

Summary

A null pointer dereference in Fortinet FortiOS version 7.2.0 through 7.2.4, 7.0.0 through 7.0.11, 6.4.0 through 6.4.12, Fortiproxy version 7.2.0 through 7.2.4, 7.0.0 through 7.0.10 allows attacker to denial of service via specially crafted HTTP requests.

Affected Software

VendorProductVersion RangeStatus
FortinetFortiProxy7.2.0 <= 7.2.4affected
FortinetFortiProxy7.0.0 <= 7.0.10affected
FortinetFortiOS7.2.0 <= 7.2.4affected
FortinetFortiOS7.0.0 <= 7.0.11affected
FortinetFortiOS6.4.0 <= 6.4.12affected

Weaknesses

  • CWE-476: Denial of service

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

CVE Program Container

Additional References

References